Weaknesses of type CWE-284

4,427 results
CVE-2025-29448HIGHBooking logic flaw in Easy!Appointments v1.5.1 allows unauthenticated attackers to create appointments with excessively long durations, causEPSS 0.5%CVE-2018-10905HIGHCloudForms Management Engine (cfme) is vulnerable to an improper security setting in the dRuby component of CloudForms. An attacker with accEPSS 0.5%CVE-2024-25133HIGHOpenshift-dedicated: hive: rce through aws/kubernetes client configuration leads to privilege escalationEPSS 0.5%CVE-2026-46889CRITICALVulnerability in the Siebel Apps - Marketing product of Oracle Siebel CRM (component: Marketing). Supported versions that are affected are EPSS 0.5%CVE-2026-46887CRITICALVulnerability in the Siebel Apps - Marketing product of Oracle Siebel CRM (component: Marketing). Supported versions that are affected are EPSS 0.5%CVE-2022-47634HIGHM-Link Archive Server in Isode M-Link R16.2v1 through R17.0 before R17.0v24 allows non-administrative users to access and manipulate archiveEPSS 0.5%CVE-2026-13553MEDIUMitsourcecode Online Hotel Management System controller.php add unrestricted uploadEPSS 0.5%CVE-2026-34045HIGHPodman Desktop WebView Server ExposedEPSS 0.5%CVE-2020-15279MEDIUMScanning exclusion paths disclosure in BEST for WindowsEPSS 0.5%CVE-2026-35307CRITICALVulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.EPSS 0.5%CVE-2026-46883CRITICALVulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Enterprise Infrastructure Security). SupportedEPSS 0.5%CVE-2026-35309CRITICALVulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Centralized Third Party Jars). Supported versions thaEPSS 0.5%CVE-2026-46902CRITICALVulnerability in the Oracle Enterprise Command Center Framework product of Oracle E-Business Suite (component: Core). Supported versions thEPSS 0.5%CVE-2026-46904CRITICALVulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Enterprise Infrastructure Security). SupportedEPSS 0.5%CVE-2022-44643MEDIUMAccess policy with access to all tenants and using label selectors has more accessEPSS 0.5%CVE-2026-46766CRITICALVulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component: Content Server). Supported versions that are EPSS 0.5%CVE-2026-46881CRITICALVulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Enterprise Infrastructure Security). SupportedEPSS 0.5%CVE-2023-41570MikroTik RouterOS v7.1 to 7.11 was discovered to contain incorrect access control mechanisms in place for the Rest API.EPSS 0.5%CVE-2022-21586MEDIUMVulnerability in the Oracle Banking Trade Finance product of Oracle Financial Services Applications (component: Infrastructure). The supportEPSS 0.5%CVE-2026-46882CRITICALVulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Enterprise Infrastructure Security). SupportedEPSS 0.5%