Falhas do tipo CWE-284
4.443 resultadosCVE-2025-13574MEDIUMcode-projects Online Bidding System addcategory.php categoryadd unrestricted uploadEPSS 0.3%CVE-2026-28828MEDIUMA permissions issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS TEPSS 0.3%CVE-2026-58422CRITICALImproper authorization on OAuth sign-in callback silently re-enables administrator-disabled accountsEPSS 0.3%CVE-2024-46916HIGHDiebold Nixdorf Vynamic Security Suite through 4.3.0 SR06 contains functionality that allows the removal of critical system files before theEPSS 0.3%CVE-2025-7572MEDIUMLB-LINK BL-WR9000 lighttpd.cgi bs_GetHostInfo information disclosureEPSS 0.3%CVE-2025-7573MEDIUMLB-LINK BL-WR9000 lighttpd.cgi bs_GetManPwd information disclosureEPSS 0.3%CVE-2025-53003HIGHJanssen Config API returns results without scope verificationEPSS 0.3%CVE-2025-11026MEDIUMgivanz Vvveb Configuration File information disclosureEPSS 0.3%CVE-2026-54305HIGHn8n: Cross-Tenant Credential Takeover via Dynamic Credentials EE EndpointsEPSS 0.3%CVE-2026-2207MEDIUMWeKan Activity Publication activities.js LinkedBoardActivitiesBleed information disclosureEPSS 0.3%CVE-2025-50105HIGHVulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite (component: Work Provider Administration). Supported veEPSS 0.3%CVE-2022-39870MEDIUMImproper access control vulnerability in cloudNotificationManager.java SmartThings prior to version 1.7.89.0 allows attackers to access sensEPSS 0.3%CVE-2022-39868MEDIUMImproper access control vulnerability in GedSamsungAccount.kt SmartThings prior to version 1.7.89.0 allows attackers to access sensitive infEPSS 0.3%CVE-2022-39867MEDIUMImproper access control vulnerability in cloudNotificationManager.java SmartThings prior to version 1.7.89.0 allows attackers to access sensEPSS 0.3%CVE-2024-20951MEDIUMVulnerability in the Oracle Customer Interaction History product of Oracle E-Business Suite (component: Outcome-Result). Supported versionsEPSS 0.3%CVE-2022-39869MEDIUMImproper access control vulnerability in cloudNotificationManager.java SmartThings prior to version 1.7.89.0 allows attackers to access sensEPSS 0.3%CVE-2022-39865MEDIUMImproper access control vulnerability in ContentsSharingActivity.java SmartThings prior to version 1.7.89.0 allows attackers to access sensiEPSS 0.3%CVE-2024-42497MEDIUMInsufficient permissions checks on teamsEPSS 0.3%CVE-2022-39871MEDIUMImproper access control vulnerability cloudNotificationManager.java in SmartThings prior to version 1.7.89.0 allows attackers to access sensEPSS 0.3%CVE-2019-6566—GE Communicator, all versions prior to 4.0.517, allows a non-administrative user to replace the uninstaller with a malicious version, which EPSS 0.3%