Fallos del tipo CWE-284
4445 resultadosCVE-2026-46870HIGHVulnerability in the MySQL Shell product of Oracle MySQL (component: Shell for VS Code). The supported version that is affected is 2026.2.EPSS 0.3%CVE-2025-7190MEDIUMcode-projects Library Management System student_edit_photo.php unrestricted uploadEPSS 0.3%CVE-2025-7413MEDIUMcode-projects Library System profile.php unrestricted uploadEPSS 0.3%CVE-2026-46966HIGHVulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite (component: Work Provider Site Level Administration). SEPSS 0.3%CVE-2026-46934HIGHVulnerability in the Oracle Complex Maintenance, Repair and Overhaul product of Oracle E-Business Suite (component: Internal Operations). SEPSS 0.3%CVE-2024-13430MEDIUMPage Builder: Pagelayer – Drag and Drop website builder <= 1.9.8 - Authenticated (Contributor+) Private Post Disclosure in pagelayer_builder_posts_shortcodeEPSS 0.3%CVE-2024-21848LOWUsers maintain access to active call after being removed from a channelEPSS 0.3%CVE-2026-46915HIGHVulnerability in the Oracle Complex Maintenance, Repair and Overhaul product of Oracle E-Business Suite (component: Production). Supported EPSS 0.3%CVE-2026-46957HIGHVulnerability in the Oracle iSupplier Portal product of Oracle E-Business Suite (component: Internal Operations). Supported versions that aEPSS 0.3%CVE-2025-7412MEDIUMcode-projects Library System profile.php unrestricted uploadEPSS 0.3%CVE-2026-5003MEDIUMPromtEngineer localGPT Web api_server.py handle_index information disclosureEPSS 0.3%CVE-2026-46935HIGHVulnerability in the Oracle Complex Maintenance, Repair and Overhaul product of Oracle E-Business Suite (component: Internal Operations). SEPSS 0.3%CVE-2024-13457MEDIUMEvent Tickets <= 5.18.1 - Insecure Direct Object Reference to Sensitive Information ExposureEPSS 0.3%CVE-2025-24173HIGHThis issue was addressed with additional entitlement checks. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 1EPSS 0.3%CVE-2025-9099MEDIUMAcrel Environmental Monitoring Cloud Platform UploadNewsImg unrestricted uploadEPSS 0.3%CVE-2025-68721HIGHAxigen Mail Server before 10.5.57 contains an improper access control vulnerability in the WebAdmin interface. A delegated admin account witEPSS 0.3%CVE-2026-8752MEDIUMh2oai h2o-3 Rapids setproperty Primitive AstSetProperty.java exec access controlEPSS 0.3%CVE-2024-20948MEDIUMVulnerability in the Oracle Knowledge Management product of Oracle E-Business Suite (component: Setup, Admin). Supported versions that are EPSS 0.3%CVE-2026-0547MEDIUMPHPGurukul Online Course Registration Student Registration edit-student-profile.php unrestricted uploadEPSS 0.3%CVE-2026-33951MEDIUMsignalk-server: Unauthenticated Source Priorities ManipulationEPSS 0.3%