Fallos del tipo CWE-306
1719 resultadosCVE-2026-46952HIGHVulnerability in the Oracle Quality product of Oracle E-Business Suite (component: Internal Operations). Supported versions that are affectEPSS 0.4%CVE-2025-25265MEDIUMUnauthenticated File Read via Web InterfaceEPSS 0.4%CVE-2026-46903HIGHVulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Business Logic Infrastructure Security). SuppoEPSS 0.4%CVE-2026-46961HIGHVulnerability in the Oracle Project Portfolio Analysis product of Oracle E-Business Suite (component: Internal Operations). Supported versiEPSS 0.4%CVE-2026-46962HIGHVulnerability in the Oracle Project Portfolio Analysis product of Oracle E-Business Suite (component: Internal Operations). Supported versiEPSS 0.4%CVE-2026-35299HIGHVulnerability in the WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions that are affected are 12.EPSS 0.4%CVE-2026-46951HIGHVulnerability in the Oracle Quality product of Oracle E-Business Suite (component: Internal Operations). Supported versions that are affectEPSS 0.4%CVE-2026-46942HIGHVulnerability in the Oracle Process Manufacturing Process Planning product of Oracle E-Business Suite (component: Internal Operations). SupEPSS 0.4%CVE-2026-35303HIGHVulnerability in the WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions that are affected are 12.EPSS 0.4%CVE-2026-46973HIGHVulnerability in the Oracle Outsourced Mfg for Discrete Industries product of Oracle E-Business Suite (component: Internal Operations). SupEPSS 0.4%CVE-2026-25058HIGHVexa's unauthenticated internal transcript endpoint exposed by defaultEPSS 0.4%CVE-2025-40736CRITICALA vulnerability has been identified in SINEC NMS (All versions < V4.0). The affected application exposes an endpoint that allows an unauthorEPSS 0.4%CVE-2024-40087CRITICALVilo 5 Mesh WiFi System <= 5.16.1.33 is vulnerable to Insecure Permissions. Lack of authentication in the custom TCP service on port 5432 alEPSS 0.4%CVE-2026-3558HIGHPhilips Hue Bridge HomeKit Accessory Protocol Transient Pairing Mode Authentication Bypass VulnerabilityEPSS 0.4%CVE-2020-37157HIGHDBPower C300 HD Camera - Remote Configuration DisclosureEPSS 0.4%CVE-2025-11007CRITICALCE21 Suite 2.2.1 - 2.3.1 - Missing Authorization to Unauthenticated Privilege Escalation via Plugin Settings UpdateEPSS 0.4%CVE-2026-10617MEDIUMnextlevelbuilder GoClaw Webhook Verification auth.go resolveAuth missing authenticationEPSS 0.4%CVE-2025-7115MEDIUMrowboatlabs rowboat Session route.ts PUT missing authenticationEPSS 0.4%CVE-2026-48989HIGHWindows-MCP: HTTP transports expose unauthenticated PowerShell control with wildcard CORSEPSS 0.4%CVE-2026-6126MEDIUMzhayujie chatgpt-on-wechat CowAgent Administrative HTTP Endpoint missing authenticationEPSS 0.4%