Falhas do tipo CWE-284
4.444 resultadosCVE-2022-20696HIGHCisco SD-WAN vManage Software Unauthenticated Access to Messaging Services VulnerabilityEPSS 0.3%CVE-2022-39868MEDIUMImproper access control vulnerability in GedSamsungAccount.kt SmartThings prior to version 1.7.89.0 allows attackers to access sensitive infEPSS 0.3%CVE-2024-42497MEDIUMInsufficient permissions checks on teamsEPSS 0.3%CVE-2025-1941CRITICALLock screen setting bypass in Firefox Focus for AndroidEPSS 0.3%CVE-2026-34733MEDIUMAVideo: Unauthenticated File Deletion via PHP Operator Precedence Bug in CLI GuardEPSS 0.3%CVE-2025-53059MEDIUMVulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: OpenSearch Dashboards). Supported versions EPSS 0.3%CVE-2023-36638MEDIUMAn improper privilege management vulnerability [CWE-269] in FortiManager 7.2.0 through 7.2.2, 7.0.0 through 7.0.7, 6.4.0 through 6.4.11, 6.2EPSS 0.3%CVE-2024-39274HIGHMalicious remote can add users to arbitrary teams and channelsEPSS 0.3%CVE-2026-28837HIGHA logic issue was addressed with improved checks. This issue is fixed in macOS Tahoe 26.4. An app may be able to access sensitive user data.EPSS 0.3%CVE-2020-8157—UniFi Cloud Key firmware <= v1.1.10 for Cloud Key gen2 and Cloud Key gen2 Plus contains a vulnerability that allows unrestricted root accessEPSS 0.3%CVE-2024-45313MEDIUMInsecure default setting for Server Pro installed via Overleaf toolkitEPSS 0.3%CVE-2025-10952MEDIUMgeyang ml-logger File server.py stream_handler information disclosureEPSS 0.3%CVE-2025-4538MEDIUMkkFileView fileUpload unrestricted uploadEPSS 0.3%CVE-2025-5162MEDIUMH3C SecCenter SMP-E1114P02 importFile unrestricted uploadEPSS 0.3%CVE-2024-44219HIGHA permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.1. A malicious application with rootEPSS 0.3%CVE-2025-8265MEDIUM299Ko CMS File Management view unrestricted uploadEPSS 0.3%CVE-2026-35271HIGHVulnerability in the PeopleSoft Enterprise PT PeopleTools product of Oracle PeopleSoft (component: Weblogic). Supported versions that are aEPSS 0.3%CVE-2025-31494LOWAutoGPT allows cross-user sharing of node execution results through WebSockets APIEPSS 0.3%CVE-2025-9406MEDIUMxuhuisheng lemon CmsArticleController.java uploadImage unrestricted uploadEPSS 0.3%CVE-2025-8738MEDIUMzlt2000 microservices-platform Spring Actuator Interface actuator information disclosureEPSS 0.3%