Falhas do tipo CWE-284

4.445 resultados
CVE-2026-32254HIGHKube-router Proxy Module Blindly Trusts ExternalIPs/LoadBalancer IPs Enabling Cluster-Wide Traffic Hijacking and DNS DoSEPSS 0.3%CVE-2025-6786MEDIUMDocCheck Login <= 1.1.5 - Unauthorized Post AccessEPSS 0.3%CVE-2025-9400MEDIUMYiFang CMS P_file.php mergeMultipartUpload unrestricted uploadEPSS 0.3%CVE-2026-2592HIGHZarinpal Gateway for WooCommerce <= 5.0.16 - Improper Access Control to Payment Status UpdateEPSS 0.3%CVE-2025-28233CRITICALIncorrect access control in BW Broadcast TX600 (14980), TX300 (32990) (31448), TX150, TX1000, TX30, and TX50 Hardware Version: 2, Software VEPSS 0.3%CVE-2025-10071MEDIUMPortabilis i-Educar cancelar-enturmacao-em-lote access controlEPSS 0.3%CVE-2024-36492HIGHExisting local user overwritten by malicious remoteEPSS 0.3%CVE-2025-10070MEDIUMPortabilis i-Educar enturmacao-em-lote access controlEPSS 0.3%CVE-2025-4051MEDIUMInsufficient data validation in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker who convinced a user to engage inEPSS 0.3%CVE-2024-20992MEDIUMVulnerability in the Oracle WebCenter Portal product of Oracle Fusion Middleware (component: Content integration). The supported version tEPSS 0.3%CVE-2025-70982CRITICALIncorrect access control in the importUser function of SpringBlade v4.5.0 allows attackers with low-level privileges to arbitrarily import sEPSS 0.3%CVE-2025-10072MEDIUMPortabilis i-Educar enturmar access controlEPSS 0.3%CVE-2024-42766MEDIUMKashipara Bus Ticket Reservation System v1.0 0 is vulnerable to Incorrect Access Control via /deleteTicket.php.EPSS 0.3%CVE-2026-40569CRITICALFreeScout's Mass Assignment in Mailbox Connection Settings Enables Silent Email ExfiltrationEPSS 0.3%CVE-2026-45658HIGHWindows BitLocker Security Feature Bypass VulnerabilityEPSS 0.3%CVE-2026-42205HIGHAvo: Broken Access Control: Unauthorized Execution of Arbitrary Action Classes Across ResourcesEPSS 0.3%CVE-2025-50405MEDIUMIntelbras RX1500 Router v2.2.17 and before is vulnerable to Incorrect Access Control in the FirmwareUpload function and GetFirmwareValidatioEPSS 0.3%CVE-2025-7100MEDIUMBoyunCMS Index.php unrestricted uploadEPSS 0.3%CVE-2025-3113CRITICALImproper Access Control in Delphix Masking EngineEPSS 0.3%CVE-2024-51954HIGHUnauthorized access to secure services in ArcGIS ServerEPSS 0.3%