Falhas do tipo CWE-284
4.451 resultadosCVE-2026-48955MEDIUMJoomla! Core - [20260709] - Incorrect Access Control in com_workflowEPSS 0.3%CVE-2026-48957MEDIUMJoomla! Core - [20260711] - Incorrect Access Control in com_privacy webservice endpointsEPSS 0.3%CVE-2026-48956MEDIUMJoomla! Core - [20260710] - Incorrect Access Control in com_modulesEPSS 0.3%CVE-2026-48948MEDIUMJoomla! Core - [20260702] - Incorrect Access Control in com_contact vcf downloadEPSS 0.3%CVE-2025-50897MEDIUMA vulnerability exists in riscv-boom SonicBOOM 1.2 (BOOMv1.2) processor implementation, where valid virtual-to-physical address translationsEPSS 0.3%CVE-2024-20319MEDIUMA vulnerability in the UDP forwarding code of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to bypass configured mEPSS 0.3%CVE-2026-46827HIGHVulnerability in the Oracle Payroll product of Oracle E-Business Suite (component: Self Service Manager). Supported versions that are affecEPSS 0.3%CVE-2025-24202MEDIUMA logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4. An app may EPSS 0.2%CVE-2025-24215MEDIUMThe issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 1EPSS 0.2%CVE-2026-21629MEDIUMJoomla! Core - [20260301] - ACL hardening in com_ajaxEPSS 0.2%CVE-2026-45080MEDIUMKlaw: Improper Access Control Allows Disclosure of Password HashEPSS 0.2%CVE-2026-41100MEDIUMMicrosoft 365 Copilot for Android Spoofing VulnerabilityEPSS 0.2%CVE-2026-56253HIGHCapgo - Unauthenticated Organization Member Email Disclosure via get_org_members RPCEPSS 0.2%CVE-2026-36720HIGHInsecure permissions in bookcars v8.3 allows authenticated attackers to escalate privileges from user to admin via modifying their user typeEPSS 0.2%CVE-2026-50881HIGHIncorrect access control in the impworks Bonsai v6.0 allows authenticated attackers with Editor privileges to escalate privileges to AdminisEPSS 0.2%CVE-2025-58714HIGHWindows Ancillary Function Driver for WinSock Elevation of Privilege VulnerabilityEPSS 0.2%CVE-2025-24857HIGHImproper access control for volatile memory containing boot code in Universal Boot Loader (U-Boot) before 2017.11 and Qualcomm chips IPQ4019EPSS 0.2%CVE-2025-55630HIGHA discrepancy in the error message returned by the login function of Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime - firmware v3EPSS 0.2%CVE-2026-39250HIGHAn authorization vulnerability exists in Innoshop 0.6.0. After logging into the frontend, an attacker can directly access backend applicatioEPSS 0.2%CVE-2026-34754MEDIUMMantisBT allows unauthorized users to upload attachments to restricted issues via REST APIEPSS 0.2%