Falhas do tipo CWE-284
4.429 resultadosCVE-2025-12378MEDIUMcode-projects Simple Food Ordering System addproduct.php unrestricted uploadEPSS 0.5%CVE-2024-1476MEDIUMUnder Construction / Maintenance Mode from Acurax <= 2.6 - Information ExposureEPSS 0.5%CVE-2025-12301MEDIUMcode-projects Simple Food Ordering System editproduct.php unrestricted uploadEPSS 0.5%CVE-2022-45320MEDIUMLiferay Portal before 7.4.3.16 and Liferay DXP before 7.2 fix pack 19, 7.3 before update 6, and 7.4 before update 16 allow remote authenticaEPSS 0.5%CVE-2026-1107MEDIUMEyouCMS Member Avatar Diyajax.php check_userinfo unrestricted uploadEPSS 0.5%CVE-2024-43492HIGHMicrosoft AutoUpdate (MAU) Elevation of Privilege VulnerabilityEPSS 0.5%CVE-2025-3244MEDIUMSourceCodester Web-based Pharmacy Product Management System Create User Page add-admin.php unrestricted uploadEPSS 0.5%CVE-2025-30692MEDIUMVulnerability in the Oracle iSupplier Portal product of Oracle E-Business Suite (component: Attachments). Supported versions that are affecEPSS 0.5%CVE-2021-46851CRITICALThe DRM module has a vulnerability in verifying the secure memory attributes. Successful exploitation of this vulnerability may cause abnormEPSS 0.5%CVE-2022-36771MEDIUMIBM QRadar User Behavior Analytics could allow an authenticated user to obtain sensitive information from that they should not have access tEPSS 0.5%CVE-2024-9298MEDIUMSourceCodester Online Railway Reservation System Ticket ?page=tickets access controlEPSS 0.5%CVE-2023-50257CRITICALDisconnect Vulnerability in RTPS Packets Used by SROS2EPSS 0.5%CVE-2026-20887HIGHImproper access control for some Intel Vision software for all versions within Ring 3: User Applications may allow a denial of service. UnprEPSS 0.5%CVE-2023-35939HIGHGLPI vulnerable to unauthorized access to Dashboard dataEPSS 0.5%CVE-2020-10627HIGHInsulet Omnipod Insulin Management System insulin pump product ID 19191 and 40160 is designed to communicate using a wireless RF with an InsEPSS 0.5%CVE-2025-70064HIGHPHPGurukul Hospital Management System v4.0 contains a Privilege Escalation vulnerability. A low-privileged user (Patient) can directly accesEPSS 0.5%CVE-2025-63221CRITICALThe Axel Technology puma devices (firmware versions 0.8.5 to 1.0.3) are vulnerable to Broken Access Control due to missing authentication onEPSS 0.5%CVE-2024-36535CRITICALInsecure permissions in meshery v0.7.51 allows attackers to access sensitive data and escalate privileges by obtaining the service account'sEPSS 0.5%CVE-2025-26678HIGHWindows Defender Application Control Security Feature Bypass VulnerabilityEPSS 0.5%CVE-2023-26460MEDIUMImproper Access Control in SAP NetWeaver AS Java (Cache Management Service)EPSS 0.5%