Falhas do tipo CWE-284

4.431 resultados
CVE-2025-1165MEDIUMLumsoft ERP FileUploadApi.ashx DoWebUpload unrestricted uploadEPSS 0.4%CVE-2024-1288MEDIUMSchema & Structured Data for WP & AMP <= 1.26 - Missing Authorization to reCaptcha Key ModificationEPSS 0.4%CVE-2025-2705MEDIUMDigiwin ERP FileUploadApi.ashx DoWebUpload unrestricted uploadEPSS 0.4%CVE-2025-7538MEDIUMCampcodes Sales and Inventory System product_update.php unrestricted uploadEPSS 0.4%CVE-2025-25618LOWIncorrect Access Control in Unifiedtransform 2.0 leads to Privilege Escalation allowing the change of Section Name and Room Number by TeacheEPSS 0.4%CVE-2025-43502HIGHA privacy issue was addressed by removing sensitive data. This issue is fixed in Safari 26.1, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, viEPSS 0.4%CVE-2026-1424MEDIUMPHPGurukul News Portal Profile Pic unrestricted uploadEPSS 0.4%CVE-2025-7627MEDIUMYiJiuSmile kkFileViewOfficeEdit fileUpload unrestricted uploadEPSS 0.4%CVE-2023-39221MEDIUMImproper access control for some Intel Unison software may allow an authenticated user to potentially enable escalation of privilege via netEPSS 0.4%CVE-2025-15121MEDIUMJeecgBoot getDeptRoleByUserId information disclosureEPSS 0.4%CVE-2025-3042MEDIUMProject Worlds Online Time Table Generator updateprofile.php unrestricted uploadEPSS 0.4%CVE-2019-10128A vulnerability was found in postgresql versions 11.x prior to 11.3. The Windows installer for EnterpriseDB-supplied PostgreSQL does not locEPSS 0.4%CVE-2024-0370MEDIUMViews for WPForms <= 3.2.2 - Missing Authorization via save_viewEPSS 0.4%CVE-2024-0369MEDIUMBulk Edit Post Titles <= 5.0.0 - Missing Authorization via bulkUpdatePostTitlesEPSS 0.4%CVE-2024-0371MEDIUMViews for WPForms <= 3.2.2 - Missing Authorization via create_viewEPSS 0.4%CVE-2025-3041MEDIUMProject Worlds Online Time Table Generator updatestudent.php unrestricted uploadEPSS 0.4%CVE-2026-41086HIGHWindows Admin Center in Azure Portal Elevation of Privilege VulnerabilityEPSS 0.4%CVE-2018-4844A vulnerability has been identified in SIMATIC WinCC OA UI for Android (All versions < V3.15.10), SIMATIC WinCC OA UI for iOS (All versions EPSS 0.4%CVE-2022-44565MEDIUMAn improper access validation vulnerability exists in airMAX AC <8.7.11, airFiber 60/LR <2.6.2, airFiber 60 XG/HD <v1.0.0 and airFiber GBE <EPSS 0.4%CVE-2025-61777CRITICALFlagForge Allows Unauthenticated Badge Template API AccessEPSS 0.4%