Fallos del tipo CWE-284
4446 resultadosCVE-2026-6000MEDIUMcode-projects Online Library Management System SQL Database Backup File library.sql information disclosureEPSS 0.3%CVE-2026-5847MEDIUMcode-projects Movie Ticketing System SQL Database Backup File moviedb.sql information disclosureEPSS 0.3%CVE-2022-28542MEDIUMImproper sanitization of incoming intent in Galaxy Store prior to version 4.5.40.5 allows local attackers to access privileged content proviEPSS 0.3%CVE-2026-4830MEDIUMkalcaddle kodbox Public Share userShare.class.php add privilege escalationEPSS 0.3%CVE-2023-3786MEDIUMAures Komet Kiosk Mode access controlEPSS 0.3%CVE-2024-36241LOW/playbook add slash command allows viewing arbitrary post contentsEPSS 0.3%CVE-2026-3541HIGHInappropriate implementation in CSS in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to perform an out of bounds memory reEPSS 0.3%CVE-2025-50060HIGHVulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Web Server). Supported versions that are affected are 7.6.EPSS 0.3%CVE-2025-58459MEDIUMJenkins global-build-stats Plugin 322.v22f4db_18e2dd and earlier does not perform permission checks in its REST API endpoints, allowing attaEPSS 0.3%CVE-2025-27702MEDIUMPermissions bypass in the management console of Absolute Secure Access prior to version 13.54EPSS 0.3%CVE-2025-10201HIGHInappropriate implementation in Mojo in Google Chrome on Android, Linux, ChromeOS prior to 140.0.7339.127 allowed a remote attacker to bypasEPSS 0.3%CVE-2025-15086MEDIUMyoulaitech youlai-mall MemberController.java getMemberByMobile access controlEPSS 0.3%CVE-2026-6489MEDIUMQueryMine sms Background Management addteacher.php unrestricted uploadEPSS 0.3%CVE-2026-31834HIGHUmbraco Affected by Vertical Privilege Escalation via Missing Authorization ChecksEPSS 0.3%CVE-2026-5546MEDIUMCampcodes Complete Online Learning Management System Crud_model.php add_lesson unrestricted uploadEPSS 0.3%CVE-2025-57489HIGHIncorrect access control in the SDAgent component of Shirt Pocket SuperDuper! v3.10 allows attackers to escalate privileges to root due to tEPSS 0.3%CVE-2026-54400CRITICALA malicious actor with access to the network and high privileges could exploit an Improper Access Control vulnerability found in UniFi AccesEPSS 0.3%CVE-2025-48025MEDIUMIn Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1280, 1330, 1380, 1480, 1580, W920, W930, and W1000, there is an impropeEPSS 0.3%CVE-2026-24904MEDIUMTrustTunnel has `client_random_prefix` rule bypass via fragmented or partial TLS ClientHelloEPSS 0.3%CVE-2026-1879MEDIUMHarvard University IQSS Dataverse Theme Customization ThemeAndWidgets.xhtml unrestricted uploadEPSS 0.3%