Falhas do tipo CWE-284

4.445 resultados
CVE-2026-3800MEDIUMSourceCodester/janobe Resort Reservation System controller.php doInsert unrestricted uploadEPSS 0.3%CVE-2023-42945CRITICALA permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.1. An app may gain unauthorized accesEPSS 0.3%CVE-2026-35235MEDIUMVulnerability in the MySQL Server product of Oracle MySQL (component: Server: GIS). Supported versions that are affected are 9.0.0-9.6.0. EEPSS 0.3%CVE-2025-14885MEDIUMSourceCodester Client Database Management System Leads Generation user_leads.php unrestricted uploadEPSS 0.3%CVE-2025-54563HIGHAn Incorrect Access Control vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 which aEPSS 0.3%CVE-2025-9139MEDIUMScada-LTS WatchListDwr.init.dwr information disclosureEPSS 0.3%CVE-2023-38132LAN-W451NGR all versions provided by LOGITEC CORPORATION contains an improper access control vulnerability, which allows an unauthenticated EPSS 0.3%CVE-2025-55471HIGHIncorrect access control in the getUserFormData function of youlai-boot v2.21.1 allows attackers to access sensitive information for other uEPSS 0.3%CVE-2024-48899MEDIUMMoodle: idor when accessing list of course badgesEPSS 0.3%CVE-2026-2146MEDIUMguchengwuyue yshopmall co.yixiang.utils.FileUtil updateAvatar unrestricted uploadEPSS 0.3%CVE-2025-9240MEDIUMelunez eladmin info information disclosureEPSS 0.3%CVE-2024-46280HIGHPIX-LINK LV-WR22 RE3002-P1-01_V117.0 is vulnerable to Improper Access Control. The TELNET service is enabled with weak credentials for a rooEPSS 0.3%CVE-2025-31232HIGHA logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.5, macOS Sonoma 14.7.6, macOS Ventura 13.7.6. A saEPSS 0.3%CVE-2026-32254HIGHKube-router Proxy Module Blindly Trusts ExternalIPs/LoadBalancer IPs Enabling Cluster-Wide Traffic Hijacking and DNS DoSEPSS 0.3%CVE-2025-45618MEDIUMIncorrect access control in the component /admin/sys/datasource/ajaxList of jeeweb-mybatis-springboot v0.0.1.RELEASE allows attackers to accEPSS 0.3%CVE-2026-7686MEDIUMeyeo Adblock Plus Legacy Premium Activation premium.preload.js postMessage access controlEPSS 0.3%CVE-2018-15611MEDIUMCommunication Manager Local Administrator PrivEscEPSS 0.3%CVE-2026-34358HIGHCtrlPanel: Missing Authorization on Admin Write Endpoints Allows RBAC BypassEPSS 0.3%CVE-2025-6786MEDIUMDocCheck Login <= 1.1.5 - Unauthorized Post AccessEPSS 0.3%CVE-2026-22011HIGHVulnerability in the Oracle Applications DBA product of Oracle E-Business Suite (component: ADPatch). Supported versions that are affected EPSS 0.3%