Fallos del tipo CWE-284
4445 resultadosCVE-2026-34309HIGHVulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Security). Supported versions that are affeEPSS 0.3%CVE-2026-20167HIGHCisco IoT Field Network Director Remote Device Denial of Service VulnerabilityEPSS 0.3%CVE-2026-46810MEDIUMVulnerability in the Identity Manager product of Oracle Fusion Middleware (component: End User Self Service). Supported versions that are aEPSS 0.3%CVE-2025-27258MEDIUMEricsson Network Manager: escalation of privilege vulnerabilityEPSS 0.3%CVE-2026-39968HIGHTypeBot: Cross-Workspace Credential Theft via Bot-Engine Preview EndpointEPSS 0.3%CVE-2026-40020LOWAttacker can use the IMAP SETACL command to inject the anyone permission to user's dovecot-acl file even if imap_acl_allow_anyone=no. This cEPSS 0.3%CVE-2025-65779HIGHAn issue was discovered in Wekan The Open Source kanban board system up to version 18.15, fixed in 18.16. Unauthenticated attackers can updaEPSS 0.3%CVE-2025-53729HIGHMicrosoft Azure File Sync Elevation of Privilege VulnerabilityEPSS 0.3%CVE-2025-24214MEDIUMA privacy issue was addressed by not logging contents of text fields. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, tEPSS 0.3%CVE-2026-11017MEDIUMInappropriate implementation in Link Preview in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the rendeEPSS 0.3%CVE-2023-29115MEDIUMDenial of Service via Web Management interface in Enel X JuiceBoxEPSS 0.3%CVE-2026-3668LOWFreedom Factory dGEN1 org.ethosmobile.webpwaemul AndroidEthereum access controlEPSS 0.3%CVE-2025-46315HIGHA permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26.1. An app may be able to access protecEPSS 0.3%CVE-2026-11532MEDIUMimvks786 student_management_system Student Record add.php access controlEPSS 0.3%CVE-2025-13061MEDIUMitsourcecode Online Voting System index.php unrestricted uploadEPSS 0.3%CVE-2025-61119HIGHKanova Android App version 1.0.27 (package name com.karelane), developed by Karely L.L.C., contains improper access control vulnerabilities.EPSS 0.3%CVE-2026-35327HIGHVulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component: Content Server). Supported versions that are EPSS 0.3%CVE-2025-24205MEDIUMAn authorization issue was addressed with improved state management. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS SEPSS 0.3%CVE-2022-42861HIGHThis issue was addressed with improved checks. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Monterey 12.6.2, macOS Ventura 13.1, iEPSS 0.3%CVE-2025-61113HIGHTalkTalk 3.3.6 Android App contains improper access control vulnerabilities in multiple API endpoints. By modifying request parameters, attaEPSS 0.3%