Falhas do tipo CWE-284
4.456 resultadosCVE-2026-42832HIGHMicrosoft Office Spoofing VulnerabilityEPSS 0.2%CVE-2021-1583MEDIUMCisco Nexus 9000 Series Fabric Switches ACI Mode Arbitrary File Read VulnerabilityEPSS 0.2%CVE-2025-55626MEDIUMAn Insecure Direct Object Reference (IDOR) vulnerability in Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime - firmware v3.0.0.4662EPSS 0.2%CVE-2026-34314MEDIUMVulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (comEPSS 0.2%CVE-2025-47221MEDIUMAn arbitrary file write was found in Keyfactor SignServer versions prior to 7.3.2. The properties ARCHIVETODISK_FILENAME-PATTERN, ARCHIVETODEPSS 0.2%CVE-2025-50434MEDIUMA security issue has been identified in Appian Enterprise Business Process Management version 25.3. The vulnerability is related to incorrecEPSS 0.2%CVE-2026-9604MEDIUMJeecgBoot AiragModelController access controlEPSS 0.2%CVE-2025-57219MEDIUMIncorrect access control in the endpoint /goform/ate of Tenda AC10 v4.0 firmware v16.03.10.09_multi_TDE01 allows attackers to escalate priviEPSS 0.2%CVE-2025-46391MEDIUMCWE-284: Improper Access ControlEPSS 0.2%CVE-2025-14338HIGHPolkit authentication dis isabled by default in inputplumberEPSS 0.2%CVE-2026-33212LOWWeblate: Improper access control for pending tasks in APIEPSS 0.2%CVE-2024-42406MEDIUMUnauthorized access on archived channelsEPSS 0.2%CVE-2026-32214MEDIUMUniversal Plug and Play (upnp.dll) Information Disclosure VulnerabilityEPSS 0.2%CVE-2025-20324MEDIUMImproper Access Control in System Source Types Configuration in Splunk EnterpriseEPSS 0.2%CVE-2026-33103MEDIUMMicrosoft Dynamics 365 (On-Premises) Information Disclosure VulnerabilityEPSS 0.2%CVE-2023-21969MEDIUMVulnerability in Oracle SQL Developer (component: Installation). Supported versions that are affected are Prior to 23.1.0. Easily exploitabEPSS 0.2%CVE-2026-14052MEDIUMInsufficient policy enforcement in FileSystem in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass discretionary acceEPSS 0.2%CVE-2025-30759MEDIUMVulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics (component: Platform Security). Supported EPSS 0.2%CVE-2026-55116CRITICALA malicious actor with access to the network and under certain network configurations could exploit an Improper Access Control vulnerabilityEPSS 0.2%CVE-2026-2852MEDIUMyeqifu warehouse Sales Endpoint SalesController.java deleteSales access controlEPSS 0.2%