Falhas do tipo CWE-284

4.443 resultados
CVE-2022-47407MEDIUMAn issue was discovered in the fp_masterquiz (aka Master-Quiz) extension before 2.2.1, and 3.x before 3.5.1, for TYPO3. An attacker can contEPSS 0.4%CVE-2025-2499MEDIUMClient side access control bypass in the permission component in Devolutions Remote Desktop Manager on Windows. An authenticated user can eEPSS 0.4%CVE-2026-41614MEDIUMM365 Copilot for Desktop Spoofing VulnerabilityEPSS 0.4%CVE-2022-29160LOWSensitive files/data exist after deletion of user account in Nextcloud AndroidEPSS 0.4%CVE-2025-6870MEDIUMSourceCodester Simple Company Website Content.php unrestricted uploadEPSS 0.4%CVE-2024-13212MEDIUMSingMR HouseRent AddHouseController.java upload unrestricted uploadEPSS 0.4%CVE-2025-0402MEDIUM1902756969 reggie CommonController.java upload unrestricted uploadEPSS 0.4%CVE-2024-13042MEDIUMTsinghua Unigroup Electronic Archives Management System download.html download information disclosureEPSS 0.4%CVE-2024-39777HIGHMalicious remote can invite itself to an arbitrary local channelEPSS 0.4%CVE-2026-33316HIGHVikunja’s Improper Access Control Enables Bypass of Administrator-Imposed Account DisablementEPSS 0.4%CVE-2024-0452MEDIUMAI ChatBot <= 5.3.4 - Missing Authorization via openai_file_upload_callbackEPSS 0.4%CVE-2024-45323MEDIUMAn improper access control vulnerability [CWE-284] in FortiEDR Manager API 6.2.0 through 6.2.2, 6.0 all versions may allow in a shared envirEPSS 0.4%CVE-2024-0453MEDIUMAI ChatBot <= 5.3.4 - Missing Authorization via openai_file_delete_callbackEPSS 0.4%CVE-2024-13134MEDIUMZeroWdd studentmanager TeacherController. java editTeacher unrestricted uploadEPSS 0.4%CVE-2025-59333HIGH@executeautomation/database-server does not properly restrict access, bypassing a "read-only" modeEPSS 0.4%CVE-2024-13211MEDIUMSingMR HouseRent AdminController.java access controlEPSS 0.4%CVE-2026-46861CRITICALVulnerability in the MySQL NDB Cluster product of Oracle MySQL (component: Cluster: NDB Operator). Supported versions that are affected areEPSS 0.4%CVE-2026-2666MEDIUMmingSoft MCMS Template Archive uploadTemplate.do unrestricted uploadEPSS 0.4%CVE-2026-46919CRITICALVulnerability in the Siebel CRM Cloud Applications product of Oracle Siebel CRM (component: Siebel Cloud Manager). Supported versions that EPSS 0.4%CVE-2024-34099HIGHZDI-CAN-XXXX: [Pwn2Own] Acrobat sandbox bypass part 2 of 2EPSS 0.4%