Weaknesses of type CWE-269
1,779 resultsCVE-2026-46964CRITICALVulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite (component: Work Provider Site Level Administration). SEPSS 0.4%CVE-2026-46952HIGHVulnerability in the Oracle Quality product of Oracle E-Business Suite (component: Internal Operations). Supported versions that are affectEPSS 0.4%CVE-2026-46900CRITICALVulnerability in the Oracle Enterprise Command Center Framework product of Oracle E-Business Suite (component: Core). Supported versions thEPSS 0.4%CVE-2026-46937HIGHVulnerability in the Oracle iSetup product of Oracle E-Business Suite (component: General Ledger Update Transform, Reports). Supported versEPSS 0.4%CVE-2026-46951HIGHVulnerability in the Oracle Quality product of Oracle E-Business Suite (component: Internal Operations). Supported versions that are affectEPSS 0.4%CVE-2026-46903HIGHVulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Business Logic Infrastructure Security). SuppoEPSS 0.4%CVE-2026-46929HIGHVulnerability in the Oracle Cost Management product of Oracle E-Business Suite (component: Cost Planning). Supported versions that are affeEPSS 0.4%CVE-2026-46962HIGHVulnerability in the Oracle Project Portfolio Analysis product of Oracle E-Business Suite (component: Internal Operations). Supported versiEPSS 0.4%CVE-2026-46942HIGHVulnerability in the Oracle Process Manufacturing Process Planning product of Oracle E-Business Suite (component: Internal Operations). SupEPSS 0.4%CVE-2026-46961HIGHVulnerability in the Oracle Project Portfolio Analysis product of Oracle E-Business Suite (component: Internal Operations). Supported versiEPSS 0.4%CVE-2024-42995HIGHVTiger CRM <= 8.1.0 does not correctly check user privileges. A low-privileged user can interact directly with the "Migration" administrativEPSS 0.4%CVE-2024-21101LOWVulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.5.33 aEPSS 0.4%CVE-2020-7280HIGHSymbolic Link vulnerability during DAT updateEPSS 0.4%CVE-2025-2237CRITICALWP RealEstate <= 1.6.26 - Unauthenticated Privilege Escalation via 'process_register'EPSS 0.4%CVE-2021-22118—In Spring Framework, versions 5.2.x prior to 5.2.15 and versions 5.3.x prior to 5.3.7, a WebFlux application is vulnerable to a privilege esEPSS 0.4%CVE-2025-64338MEDIUMClipBucket's Manage Photos Feature is Vulnerable to Stored XSS via Collection NameEPSS 0.4%CVE-2025-23208HIGHIdP group membership revocation ignored in zotEPSS 0.4%CVE-2023-43664MEDIUMEmployee without any access rights can list all installed modules in PrestashopEPSS 0.4%CVE-2026-39961MEDIUMAiven Operator has cross-namespace secret exfiltration via ClickhouseUser connInfoSecretSourceEPSS 0.4%CVE-2026-40172HIGHauthentik: Privilege Escalation via User PATCH: Superuser Group Assignment Bypasses enable_group_superuserEPSS 0.4%