Falhas do tipo CWE-284
4.443 resultadosCVE-2025-57130HIGHAn Incorrect Access Control vulnerability in the user management component of ZwiiCMS up to v13.6.07 allows a remote, authenticated attackerEPSS 0.4%CVE-2024-28805CRITICALAn issue was discovered in Italtel i-MCS NFV 12.1.0-20211215. There is Incorrect Access Control.EPSS 0.4%CVE-2025-7151MEDIUMCampcodes Advanced Online Voting System voters_add.php unrestricted uploadEPSS 0.4%CVE-2025-6422MEDIUMCampcodes Online Recruitment Management System About Content Page ajax.php unrestricted uploadEPSS 0.4%CVE-2025-7124MEDIUMcode-projects Online Note Sharing Profile Image userprofile.php unrestricted uploadEPSS 0.4%CVE-2024-48905CRITICALSematell ReplyOne 7.4.3.0 has Insecure Permissions for the /rest/sessions endpoint.EPSS 0.4%CVE-2022-33931MEDIUMDell Wyse Management Suite 3.6.1 and below contains an Improper Access control vulnerability in UI. An attacker with no access to Alert ClasEPSS 0.4%CVE-2025-14195MEDIUMcode-projects Employee Profile Management System add_file_query.php unrestricted uploadEPSS 0.4%CVE-2025-7152MEDIUMCampcodes Advanced Online Voting System candidates_add.php unrestricted uploadEPSS 0.4%CVE-2026-27449HIGHUmbraco.Engage.Forms Allows Unauthorized Access to Multiple API EndpointsEPSS 0.4%CVE-2026-2250HIGHUnauthenticated Data Export and Source Code Disclosure via /dbviewer/ in METIS WICEPSS 0.4%CVE-2023-47858MEDIUMDetails of archived public channels are leaked to members of another teamEPSS 0.4%CVE-2025-6592LOWCreating a permanent account from a temporary account associates temp username and IP address with real username in AbuseLogEPSS 0.4%CVE-2025-7210MEDIUMcode-projects/Fabian Ros Library Management System profile_update.php unrestricted uploadEPSS 0.4%CVE-2023-52537HIGHVulnerability of package name verification being bypassed in the HwIms module.
Impact: Successful exploitation of this vulnerability will afEPSS 0.4%CVE-2025-12862MEDIUMprojectworlds Online Notes Sharing Platform userprofile.php unrestricted uploadEPSS 0.4%CVE-2020-3122MEDIUMCisco Content Security Management Appliance Information Disclosure VulnerabilityEPSS 0.4%CVE-2025-30736HIGHVulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19.3-19.26, 21.3-21.17 and 23.4EPSS 0.4%CVE-2025-66509HIGHLaraDashboard: 1-Click Pre-Auth RCE via Host Header + Module Installation ChainEPSS 0.4%CVE-2026-20736HIGHGitea Web Attachment Deletion: Cross-Repository Unauthorized Deletion via Missing Repo Ownership CheckEPSS 0.4%