Falhas do tipo CWE-306

1.720 resultados
CVE-2026-35299HIGHVulnerability in the WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions that are affected are 12.EPSS 0.4%CVE-2026-46964CRITICALVulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite (component: Work Provider Site Level Administration). SEPSS 0.4%CVE-2026-25058HIGHVexa's unauthenticated internal transcript endpoint exposed by defaultEPSS 0.4%CVE-2025-25265MEDIUMUnauthenticated File Read via Web InterfaceEPSS 0.4%CVE-2026-46940HIGHVulnerability in the Oracle Cost Management product of Oracle E-Business Suite (component: Cost Planning). Supported versions that are affeEPSS 0.4%CVE-2026-46780HIGHVulnerability in the WebCenter Content: Imaging product of Oracle Fusion Middleware (component: Core). Supported versions that are affectedEPSS 0.4%CVE-2026-46961HIGHVulnerability in the Oracle Project Portfolio Analysis product of Oracle E-Business Suite (component: Internal Operations). Supported versiEPSS 0.4%CVE-2026-35303HIGHVulnerability in the WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions that are affected are 12.EPSS 0.4%CVE-2026-46965HIGHVulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite (component: Work Provider Site Level Administration). SEPSS 0.4%CVE-2026-46942HIGHVulnerability in the Oracle Process Manufacturing Process Planning product of Oracle E-Business Suite (component: Internal Operations). SupEPSS 0.4%CVE-2024-5143MEDIUMA user with device administrative privileges can change existing SMTP server settings on the device, without having to re-enter SMTP server EPSS 0.4%CVE-2026-46962HIGHVulnerability in the Oracle Project Portfolio Analysis product of Oracle E-Business Suite (component: Internal Operations). Supported versiEPSS 0.4%CVE-2026-46903HIGHVulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Business Logic Infrastructure Security). SuppoEPSS 0.4%CVE-2026-46937HIGHVulnerability in the Oracle iSetup product of Oracle E-Business Suite (component: General Ledger Update Transform, Reports). Supported versEPSS 0.4%CVE-2025-40736CRITICALA vulnerability has been identified in SINEC NMS (All versions < V4.0). The affected application exposes an endpoint that allows an unauthorEPSS 0.4%CVE-2026-3558HIGHPhilips Hue Bridge HomeKit Accessory Protocol Transient Pairing Mode Authentication Bypass VulnerabilityEPSS 0.4%CVE-2024-40087CRITICALVilo 5 Mesh WiFi System <= 5.16.1.33 is vulnerable to Insecure Permissions. Lack of authentication in the custom TCP service on port 5432 alEPSS 0.4%CVE-2020-37157HIGHDBPower C300 HD Camera - Remote Configuration DisclosureEPSS 0.4%CVE-2025-7115MEDIUMrowboatlabs rowboat Session route.ts PUT missing authenticationEPSS 0.4%CVE-2026-10617MEDIUMnextlevelbuilder GoClaw Webhook Verification auth.go resolveAuth missing authenticationEPSS 0.4%