Falhas do tipo CWE-284
4.428 resultadosCVE-2024-12478MEDIUMInvoicePlane 1 upload_file unrestricted uploadEPSS 0.5%CVE-2023-22448MEDIUMImproper access control for some Intel Unison software may allow a privileged user to potentially enable escalation of privilege via networkEPSS 0.5%CVE-2024-1478MEDIUMMaintenance Mode <= 3.0.1 - Information ExposureEPSS 0.5%CVE-2026-2669MEDIUMRongzhitong Visual Integrated Command and Dispatch Platform User delete access controlEPSS 0.5%CVE-2025-4535MEDIUMGosuncn Technology Group Audio-Visual Integrated Management Platform Configuration File config.properties information disclosureEPSS 0.5%CVE-2025-0346MEDIUMcode-projects Content Management System Publish News Page publishnews.php unrestricted uploadEPSS 0.5%CVE-2025-4536MEDIUMGosuncn Technology Group Audio-Visual Integrated Management Platform listByPage information disclosureEPSS 0.5%CVE-2025-8255MEDIUMcode-projects Exam Form Submission register.php unrestricted uploadEPSS 0.5%CVE-2022-32880MEDIUMThis issue was addressed by enabling hardened runtime. This issue is fixed in macOS Monterey 12.5. An app may be able to access user-sensitiEPSS 0.5%CVE-2025-26611CRITICALSQL Injection endpoint 'remover_produto.php' parameter 'id_produto' in WeGIAEPSS 0.5%CVE-2022-3780HIGHDatabase connections on deleted users could stay active on MySQL data sources in Remote Desktop Manager 2022.3.7 and below which allow deletEPSS 0.5%CVE-2023-36725HIGHWindows Kernel Elevation of Privilege VulnerabilityEPSS 0.5%CVE-2024-1462MEDIUMMaintenance Page <= 1.0.8 - Security Mechanism Bypass via REST APIEPSS 0.5%CVE-2023-28877HIGHThe VTEX apps-graphql@2.x GraphQL API module does not properly restrict unauthorized access to private configuration data. (apps-graphql@3.xEPSS 0.5%CVE-2025-69691CRITICALNetgate pfSense CE 2.8.0 allows code execution in the XMLRPC API via pfsense.exec_php. NOTE: the Supplier disputes this because the API callEPSS 0.5%CVE-2024-5168CRITICALImproper access control vulnerability in Prodys Quantum Audio codecEPSS 0.5%CVE-2023-36790HIGHWindows RDP Encoder Mirror Driver Elevation of Privilege VulnerabilityEPSS 0.5%CVE-2024-45438CRITICALAn issue was discovered in TitanHQ SpamTitan Email Security Gateway 8.00.x before 8.00.101 and 8.01.x before 8.01.14. The file quarantine.phEPSS 0.5%CVE-2023-20261MEDIUMA vulnerability in the web UI of Cisco Catalyst SD-WAN Manager could allow an authenticated, remote attacker to retrieve arbitrary files froEPSS 0.5%CVE-2024-40475MEDIUMSourceCodester Best House Rental Management System v1.0 is vulnerable to Incorrect Access Control via /rental/payment_report.php, /rental/baEPSS 0.5%