Fallos del tipo CWE-284

4436 resultados
CVE-2024-7429MEDIUMZotpress <= 7.3.12 - Missing AuthorizationEPSS 0.4%CVE-2023-33155HIGHWindows Cloud Files Mini Filter Driver Elevation of Privilege VulnerabilityEPSS 0.4%CVE-2026-46910CRITICALVulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Enterprise Infrastructure Security). SupportedEPSS 0.4%CVE-2024-27187HIGH[20240804] - Core - Improper ACL for backend profile viewEPSS 0.4%CVE-2024-0437MEDIUMPassword Protected – Ultimate Plugin to Password Protect Your WordPress Content with Ease <= 2.6.6 - Missing Authorization to Sensitive Information ExposureEPSS 0.4%CVE-2024-41703MEDIUMLibreChat through 0.7.4-rc1 has incorrect access control for message updates.EPSS 0.4%CVE-2025-46014HIGHSeveral services in Honor Device Co., Ltd Honor PC Manager v16.0.0.118 was discovered to connect services to the named pipe iMateBookAssistaEPSS 0.4%CVE-2025-1568HIGHAccess Control Vulnerability in Gerrit chromiumos project configuration in Google ChromeOS 16063.87.0 allows an attacker with a registered GEPSS 0.4%CVE-2026-46614CRITICALFission router exposes /fission-function/<ns>/<name> on its public listener, allowing invocation of any function without an HTTPTriggerEPSS 0.4%CVE-2026-35306CRITICALVulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Centralized Third Party Jars). The supported versionEPSS 0.4%CVE-2024-36399HIGHKanboard affected by Project Takeover via IDOR in ProjectPermissionControllerEPSS 0.4%CVE-2025-14197MEDIUMVerysync 微力同步 Web Administration f96956469e7be39d information disclosureEPSS 0.4%CVE-2025-30694MEDIUMVulnerability in the XML Database component of Oracle Database Server. Supported versions that are affected are 19.3-19.26, 21.3-21.17 and EPSS 0.4%CVE-2026-22728MEDIUMsealed-secrets /v1/rotate can widen sealing scope to cluster-wide via attacker-controlled template annotationsEPSS 0.4%CVE-2026-46839CRITICALVulnerability in Oracle REST Data Services (component: Core). Supported versions that are affected are 24.2.0-26.1.0. Easily exploitable vuEPSS 0.4%CVE-2026-41856HIGHSpring GraphQL Annotation Detection VulnerabilityEPSS 0.4%CVE-2024-10937MEDIUMRelated Posts, Inline Related Posts, Contextual Related Posts, Related Content By PickPlugins <= 2.0.58 - Sensitive Information ExposureEPSS 0.4%CVE-2026-46898HIGHVulnerability in the Oracle Enterprise Command Center Framework product of Oracle E-Business Suite (component: Core). Supported versions thEPSS 0.4%CVE-2026-51221HIGHA buffer overflow in the Get_Attribute_List function of EIPStackGroup OpENer commit 76b95c allows attackers to cause a Denial of Service (DoEPSS 0.4%CVE-2025-28231CRITICALIncorrect access control in Itel Electronics IP Stream v1.7.0.6 allows unauthorized attackers to execute arbitrary commands with AdministratEPSS 0.4%