Fallos del tipo CWE-284
4436 resultadosCVE-2025-59333HIGH@executeautomation/database-server does not properly restrict access, bypassing a "read-only" modeEPSS 0.4%CVE-2024-13134MEDIUMZeroWdd studentmanager TeacherController. java editTeacher unrestricted uploadEPSS 0.4%CVE-2024-39777HIGHMalicious remote can invite itself to an arbitrary local channelEPSS 0.4%CVE-2024-0453MEDIUMAI ChatBot <= 5.3.4 - Missing Authorization via openai_file_delete_callbackEPSS 0.4%CVE-2024-13212MEDIUMSingMR HouseRent AddHouseController.java upload unrestricted uploadEPSS 0.4%CVE-2025-6870MEDIUMSourceCodester Simple Company Website Content.php unrestricted uploadEPSS 0.4%CVE-2026-33316HIGHVikunja’s Improper Access Control Enables Bypass of Administrator-Imposed Account DisablementEPSS 0.4%CVE-2024-0452MEDIUMAI ChatBot <= 5.3.4 - Missing Authorization via openai_file_upload_callbackEPSS 0.4%CVE-2026-41614MEDIUMM365 Copilot for Desktop Spoofing VulnerabilityEPSS 0.4%CVE-2024-13042MEDIUMTsinghua Unigroup Electronic Archives Management System download.html download information disclosureEPSS 0.4%CVE-2022-29160LOWSensitive files/data exist after deletion of user account in Nextcloud AndroidEPSS 0.4%CVE-2026-5526MEDIUMTenda 4G03 Pro httpd access controlEPSS 0.4%CVE-2026-2666MEDIUMmingSoft MCMS Template Archive uploadTemplate.do unrestricted uploadEPSS 0.4%CVE-2026-46861CRITICALVulnerability in the MySQL NDB Cluster product of Oracle MySQL (component: Cluster: NDB Operator). Supported versions that are affected areEPSS 0.4%CVE-2026-46919CRITICALVulnerability in the Siebel CRM Cloud Applications product of Oracle Siebel CRM (component: Siebel Cloud Manager). Supported versions that EPSS 0.4%CVE-2024-42655HIGHAn access control issue in NanoMQ v0.21.10 allows attackers to bypass security restrictions and access sensitive system topic messages usingEPSS 0.4%CVE-2024-41144MEDIUMMalicious remote can create/update/delete arbitrary posts in arbitrary channelsEPSS 0.4%CVE-2025-4258MEDIUMzhangyanbo2007 youkefu MediaController.java upload unrestricted uploadEPSS 0.4%CVE-2024-13240HIGHOpen Social - Moderately critical - Access bypass - SA-CONTRIB-2024-004EPSS 0.4%CVE-2025-25621MEDIUMUnifiedtransform 2.0 is vulnerable to Incorrect Access Control, which allows teachers to take attendance of fellow teachers. This affected eEPSS 0.4%