Fallos del tipo CWE-284

4436 resultados
CVE-2022-31231MEDIUMDell ECS, versions 3.5 and 3.6, contain an Improper Access Control in the Identity and Access Management (IAM) module. A remote unauthenticaEPSS 0.3%CVE-2025-15360MEDIUMnewbee-mall-plus Product Information Edit UploadController.java upload unrestricted uploadEPSS 0.3%CVE-2025-59273HIGHAzure Event Grid System Elevation of Privilege VulnerabilityEPSS 0.3%CVE-2025-59932HIGHFlagForgeCTF Unauthenticated Resource Modification/DeletionEPSS 0.3%CVE-2020-12024Baxter ExactaMix EM 2400 versions 1.10, 1.11, 1.13, 1.14 and ExactaMix EM1200 Versions 1.1, 1.2, 1.4 and 1.5 does not restrict access to theEPSS 0.3%CVE-2026-2978MEDIUMFastApiAdmin Scheduled Task API controller.py upload_file_controller unrestricted uploadEPSS 0.3%CVE-2026-46899CRITICALVulnerability in the Oracle Enterprise Command Center Framework product of Oracle E-Business Suite (component: Core). Supported versions thEPSS 0.3%CVE-2026-1742MEDIUMEFM ipTIME A8004T VPN Service timepro.cgi commit_vpncli_file_upload unrestricted uploadEPSS 0.3%CVE-2025-13574MEDIUMcode-projects Online Bidding System addcategory.php categoryadd unrestricted uploadEPSS 0.3%CVE-2025-5108MEDIUMzongzhige ShopXO ZIP File Payment.php Upload unrestricted uploadEPSS 0.3%CVE-2026-28824MEDIUMAn authorization issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOSEPSS 0.3%CVE-2024-20916HIGHVulnerability in the Oracle Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Event Management). The suppoEPSS 0.3%CVE-2026-28828MEDIUMA permissions issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS TEPSS 0.3%CVE-2025-15110MEDIUMjackq XCMS Backend ProductImageController.class.php upload unrestricted uploadEPSS 0.3%CVE-2025-45424MEDIUMIncorrect access control in Xinference before v1.4.0 allows attackers to access the Web GUI without authentication.EPSS 0.3%CVE-2024-8071MEDIUMSystem Role with edit access to permissions can elevate themselves to system adminEPSS 0.3%CVE-2024-23681HIGHArtemis Java Test Sandbox Libary Load EscapeEPSS 0.3%CVE-2025-41258HIGHLibreChat RAG API Authentication BypassEPSS 0.3%CVE-2025-7572MEDIUMLB-LINK BL-WR9000 lighttpd.cgi bs_GetHostInfo information disclosureEPSS 0.3%CVE-2024-46916HIGHDiebold Nixdorf Vynamic Security Suite through 4.3.0 SR06 contains functionality that allows the removal of critical system files before theEPSS 0.3%