Falhas do tipo CWE-284

4.428 resultados
CVE-2023-27268MEDIUMImproper Access Control in SAP NetWeaver AS Java (Object Analyzing Service)EPSS 0.4%CVE-2025-22157HIGHThis High severity PrivEsc (Privilege Escalation) vulnerability was introduced in versions: 9.12.0, 10.3.0, 10.4.0, and 10.5.0 of Jira CoreEPSS 0.4%CVE-2025-3410MEDIUMmymagicpower AIAS LocalStorageController.java unrestricted uploadEPSS 0.4%CVE-2023-28845LOWChat room membership disclosed via autocompletion in Nextcloud talkEPSS 0.4%CVE-2024-1370MEDIUMMaintenance Page <= 1.0.8 - Missing Authorization to Sensitive Information ExposureEPSS 0.4%CVE-2024-27841CRITICALThe issue was addressed with improved memory handling. This issue is fixed in iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5. An app may be ablEPSS 0.4%CVE-2025-0460MEDIUMBlog Botz for Journal Theme blog_add unrestricted uploadEPSS 0.4%CVE-2025-23389HIGHRancher does not Properly Validate Account Bindings in SAML Authentication Enables User Impersonation on First LoginEPSS 0.4%CVE-2025-24088HIGHThe issue was addressed by adding additional logic. This issue is fixed in macOS Tahoe 26. An app may be able to override MDM-enforced settiEPSS 0.4%CVE-2024-0972MEDIUMBuddyPress Members Only <= 3.4.8 - Improper Access Control to Sensitive Information Exposure via REST APIEPSS 0.4%CVE-2021-44776MEDIUMspx_restservice SubNet_handler_func Broken Access ControlEPSS 0.4%CVE-2026-7198CRITICALCWE-284: Improper Access Control in web services in Progress SitefinityEPSS 0.4%CVE-2021-26732MEDIUMspx_restservice First_network_func Broken Access ControlEPSS 0.4%CVE-2025-9942MEDIUMCodeAstro Real Estate Management System submitproperty.php unrestricted uploadEPSS 0.4%CVE-2025-21340MEDIUMWindows Virtualization-Based Security (VBS) Security Feature Bypass VulnerabilityEPSS 0.4%CVE-2026-34723HIGHZammad has incorrect access control in getting_started_controllerEPSS 0.4%CVE-2025-1646MEDIUMLumsoft ERP ASPX File UploadAjaxAPI.ashx unrestricted uploadEPSS 0.4%CVE-2026-35172HIGHDistribution has stale blob access resurrection via repo-scoped redis descriptor cache invalidationEPSS 0.4%CVE-2023-6202MEDIUMInsecure Direct Object Reference in /plugins/focalboard/ api/v2/users of Mattermost BoardsEPSS 0.4%CVE-2025-9941MEDIUMCodeAstro Real Estate Management System register.php unrestricted uploadEPSS 0.4%