Falhas do tipo CWE-284
4.449 resultadosCVE-2025-15404MEDIUMcampcodes School File Management System save_file.php unrestricted uploadEPSS 0.3%CVE-2026-6000MEDIUMcode-projects Online Library Management System SQL Database Backup File library.sql information disclosureEPSS 0.3%CVE-2024-31320HIGHIn setSkipPrompt of AssociationRequest.java , there is a possible way to establish a companion device association without any confirmation dEPSS 0.3%CVE-2026-4830MEDIUMkalcaddle kodbox Public Share userShare.class.php add privilege escalationEPSS 0.3%CVE-2025-58459MEDIUMJenkins global-build-stats Plugin 322.v22f4db_18e2dd and earlier does not perform permission checks in its REST API endpoints, allowing attaEPSS 0.3%CVE-2025-50060HIGHVulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Web Server). Supported versions that are affected are 7.6.EPSS 0.3%CVE-2025-15086MEDIUMyoulaitech youlai-mall MemberController.java getMemberByMobile access controlEPSS 0.3%CVE-2025-27702MEDIUMPermissions bypass in the management console of Absolute Secure Access prior to version 13.54EPSS 0.3%CVE-2026-3541HIGHInappropriate implementation in CSS in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to perform an out of bounds memory reEPSS 0.3%CVE-2024-36241LOW/playbook add slash command allows viewing arbitrary post contentsEPSS 0.3%CVE-2023-3786MEDIUMAures Komet Kiosk Mode access controlEPSS 0.3%CVE-2025-10201HIGHInappropriate implementation in Mojo in Google Chrome on Android, Linux, ChromeOS prior to 140.0.7339.127 allowed a remote attacker to bypasEPSS 0.3%CVE-2025-48025MEDIUMIn Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1280, 1330, 1380, 1480, 1580, W920, W930, and W1000, there is an impropeEPSS 0.3%CVE-2026-1879MEDIUMHarvard University IQSS Dataverse Theme Customization ThemeAndWidgets.xhtml unrestricted uploadEPSS 0.3%CVE-2021-34724MEDIUMCisco IOS XE SD-WAN Software Privilege Escalation VulnerabilityEPSS 0.3%CVE-2025-25585HIGHIncorrect access control in the component /config/WebSecurityConfig.java of yimioa before v2024.07.04 allows unauthorized attackers to arbitEPSS 0.3%CVE-2025-57489HIGHIncorrect access control in the SDAgent component of Shirt Pocket SuperDuper! v3.10 allows attackers to escalate privileges to root due to tEPSS 0.3%CVE-2026-31834HIGHUmbraco Affected by Vertical Privilege Escalation via Missing Authorization ChecksEPSS 0.3%CVE-2024-31503HIGHIncorrect access control in Dolibarr ERP CRM versions 19.0.0 and before, allows authenticated attackers to steal victim users' session cookiEPSS 0.3%CVE-2026-54400CRITICALA malicious actor with access to the network and high privileges could exploit an Improper Access Control vulnerability found in UniFi AccesEPSS 0.3%