Fallos del tipo CWE-284
4448 resultadosCVE-2025-10957HIGHUnrestricted FTP Access Vulnerability in Syrotech RouterEPSS 0.3%CVE-2021-34401HIGHNVIDIA Linux kernel distributions contain a vulnerability in nvmap NVGPU_IOCTL_CHANNEL_SET_ERROR_NOTIFIER, where improper access control mayEPSS 0.3%CVE-2025-37131MEDIUMAuthenticated Arbitrary File Read allows Data Exposure in CLI InterfaceEPSS 0.3%CVE-2025-11417MEDIUMCampcodes Advanced Online Voting Management System voters_add.php unrestricted uploadEPSS 0.3%CVE-2026-35235MEDIUMVulnerability in the MySQL Server product of Oracle MySQL (component: Server: GIS). Supported versions that are affected are 9.0.0-9.6.0. EEPSS 0.3%CVE-2026-36738MEDIUMU-SPEED AC1200 Gigabit Wi-Fi Router (Model: T18-21K) V1.0 is vulnerable to Incorrect Access Control. The device exposes a UART interface thaEPSS 0.3%CVE-2026-20632MEDIUMA parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Tahoe 26.4. An EPSS 0.3%CVE-2026-1152MEDIUMtechnical-laohu mpay QR Code Image unrestricted uploadEPSS 0.3%CVE-2025-11352MEDIUMcode-projects Online Hotel Reservation System addexec.php unrestricted uploadEPSS 0.3%CVE-2025-9841MEDIUMcode-projects Mobile Shop Management System AddNewProduct.php unrestricted uploadEPSS 0.3%CVE-2026-35234MEDIUMVulnerability in the MySQL Server product of Oracle MySQL (component: Server: Partition). Supported versions that are affected are 9.0.0-9.EPSS 0.3%CVE-2025-14885MEDIUMSourceCodester Client Database Management System Leads Generation user_leads.php unrestricted uploadEPSS 0.3%CVE-2026-3800MEDIUMSourceCodester/janobe Resort Reservation System controller.php doInsert unrestricted uploadEPSS 0.3%CVE-2026-23595HIGHUnauthenticated Authentication Bypass in application API allows unauthorized administrative account creationEPSS 0.3%CVE-2026-29597MEDIUMDDSN Interactive cm3 Acora CMS version 10.7.1 contains an improper access control vulnerability. An editor-privileged user can access sensitEPSS 0.3%CVE-2025-8859MEDIUMcode-projects eBlog Site File Upload save-slider.php unrestricted uploadEPSS 0.3%CVE-2023-24490MEDIUMUsers with only access to launch VDA applications can launch an unauthorized desktopEPSS 0.3%CVE-2025-54563HIGHAn Incorrect Access Control vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 which aEPSS 0.3%CVE-2020-9046HIGHKantech EntraPass Security Management Software - System Permissions VulnerabilityEPSS 0.3%CVE-2025-28041HIGHIncorrect access control in the doFilter function of itranswarp up to 2.19 allows attackers to access sensitive components without authenticEPSS 0.3%