Weaknesses of type CWE-306

1,722 results
CVE-2026-46966HIGHVulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite (component: Work Provider Site Level Administration). SEPSS 0.3%CVE-2026-35295HIGHVulnerability in the Oracle WebCenter Sites product of Oracle Fusion Middleware (component: WebCenter Sites). Supported versions that are aEPSS 0.3%CVE-2026-46935HIGHVulnerability in the Oracle Complex Maintenance, Repair and Overhaul product of Oracle E-Business Suite (component: Internal Operations). SEPSS 0.3%CVE-2026-46934HIGHVulnerability in the Oracle Complex Maintenance, Repair and Overhaul product of Oracle E-Business Suite (component: Internal Operations). SEPSS 0.3%CVE-2023-7328MEDIUMScreen SFT DAB 600/C <= 1.9.3 Unauthenticated Information DisclosureEPSS 0.3%CVE-2026-12819CRITICALDVP-12SE Missing Authentication and Unauthorized Write access VulnerabilityEPSS 0.3%CVE-2026-55450CRITICALLangflow: Unauthenticated file upload leads to DoS (space exhaustion) and information leakEPSS 0.3%CVE-2026-47136MEDIUMRustFS: Unauthenticated RustFS console license endpoint exposes license metadataEPSS 0.3%CVE-2026-33951MEDIUMsignalk-server: Unauthenticated Source Priorities ManipulationEPSS 0.3%CVE-2026-45044HIGHRustFS: Authentication bypass in /profile/cpu and /profile/memory allows unauthenticated access to profiling handlersEPSS 0.3%CVE-2025-6226MEDIUMIDOR in CreatePost API allows for timeboxed message disclosureEPSS 0.3%CVE-2025-4382MEDIUMGrub2: grub allow access to encrypted device through cli once root device is unlocked via tpmEPSS 0.3%CVE-2025-4560MEDIUMNetvision ISOinsight - Missing AuthenticationEPSS 0.3%CVE-2025-41090HIGHImproper Access Control in CCN-CERT microCLAUDIAEPSS 0.3%CVE-2026-41273HIGHFlowise: Unauthenticated OAuth 2.0 Access Token Disclosure via Public ChatflowEPSS 0.3%CVE-2026-33159MEDIUMCraft CMS: Unauthenticated users could execute project configuration sync operations that should be restricted trusted usersEPSS 0.3%CVE-2025-13030MEDIUMAll versions of the package django-mdeditor are vulnerable to Missing Authentication for Critical Function in the image upload endpoint. An EPSS 0.3%CVE-2026-9142CRITICALInsecure Default Credentials vulnerability in NI grpc-device when TLS configuration is not presentEPSS 0.3%CVE-2025-13483HIGHMissing Authentication for Critical Function in SiRcom SMART Alert (SiSA)EPSS 0.3%CVE-2023-31033MEDIUMCVEEPSS 0.3%