Fallos del tipo CWE-284

4443 resultados
CVE-2024-45313MEDIUMInsecure default setting for Server Pro installed via Overleaf toolkitEPSS 0.3%CVE-2020-8157UniFi Cloud Key firmware <= v1.1.10 for Cloud Key gen2 and Cloud Key gen2 Plus contains a vulnerability that allows unrestricted root accessEPSS 0.3%CVE-2026-34733MEDIUMAVideo: Unauthenticated File Deletion via PHP Operator Precedence Bug in CLI GuardEPSS 0.3%CVE-2026-28837HIGHA logic issue was addressed with improved checks. This issue is fixed in macOS Tahoe 26.4. An app may be able to access sensitive user data.EPSS 0.3%CVE-2024-39274HIGHMalicious remote can add users to arbitrary teams and channelsEPSS 0.3%CVE-2025-1941CRITICALLock screen setting bypass in Firefox Focus for AndroidEPSS 0.3%CVE-2025-8265MEDIUM299Ko CMS File Management view unrestricted uploadEPSS 0.3%CVE-2024-44219HIGHA permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.1. A malicious application with rootEPSS 0.3%CVE-2026-35271HIGHVulnerability in the PeopleSoft Enterprise PT PeopleTools product of Oracle PeopleSoft (component: Weblogic). Supported versions that are aEPSS 0.3%CVE-2025-9406MEDIUMxuhuisheng lemon CmsArticleController.java uploadImage unrestricted uploadEPSS 0.3%CVE-2025-4538MEDIUMkkFileView fileUpload unrestricted uploadEPSS 0.3%CVE-2025-31494LOWAutoGPT allows cross-user sharing of node execution results through WebSockets APIEPSS 0.3%CVE-2025-8738MEDIUMzlt2000 microservices-platform Spring Actuator Interface actuator information disclosureEPSS 0.3%CVE-2025-5162MEDIUMH3C SecCenter SMP-E1114P02 importFile unrestricted uploadEPSS 0.3%CVE-2025-10952MEDIUMgeyang ml-logger File server.py stream_handler information disclosureEPSS 0.3%CVE-2024-5650HIGHDLL Hijacking vulnerability has been found in CENTUM CAMS Log server provided by Yokogawa Electric Corporation. If an attacker is somehow abEPSS 0.3%CVE-2026-46976HIGHVulnerability in the Oracle Public Sector Payroll product of Oracle E-Business Suite (component: Internal Operations). Supported versions tEPSS 0.3%CVE-2026-42222HIGHnginx-ui: Unauthenticated first-boot instance claim via POST /api/install allows remote bootstrap takeoverEPSS 0.3%CVE-2024-20912LOWVulnerability in Oracle Audit Vault and Database Firewall (component: Firewall). Supported versions that are affected are 20.1-20.9. EasilyEPSS 0.3%CVE-2022-32872LOWA logic issue was addressed with improved restrictions. This issue is fixed in iOS 16, iOS 15.7 and iPadOS 15.7. A person with physical acceEPSS 0.3%