Fallos del tipo CWE-284

4396 resultados
CVE-2025-9804CRITICALImproper Access Control in Multiple WSO2 Products via Internal SOAP Admin Services and System REST APIsEPSS 0.5%CVE-2026-46860CRITICALVulnerability in the MySQL Router product of Oracle MySQL (component: Router: General). Supported versions that are affected are 9.0.0-9.7.EPSS 0.5%CVE-2025-30710MEDIUMVulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: NDBCluster Plugin). Supported versions that are affected arEPSS 0.5%CVE-2026-46857CRITICALVulnerability in the Oracle Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Oracle Management Service). SEPSS 0.5%CVE-2024-37742HIGHInsecure Access Control in Safe Exam Browser (SEB) = 3.5.0 on Windows. The vulnerability allows an attacker to share clipboard data between EPSS 0.5%CVE-2025-28232CRITICALIncorrect access control in the HOME.php endpoint of JMBroadcast JMB0150 Firmware v1.0 allows attackers to access the Admin panel without auEPSS 0.5%CVE-2025-0335MEDIUMcode-projects Online Bike Rental System Change Image unrestricted uploadEPSS 0.5%CVE-2025-51529MEDIUMIncorrect Access Control in the AJAX endpoint functionality in jonkastonka Cookies and Content Security Policy plugin through version 2.29 aEPSS 0.5%CVE-2021-47155CRITICALThe Net::IPV4Addr module 0.10 for Perl does not properly consider extraneous zero characters in an IP address string, which (in some situatiEPSS 0.5%CVE-2025-0403MEDIUM1902756969 reggie Phone Number Validation sendMsg information disclosureEPSS 0.5%CVE-2024-41912CRITICALA vulnerability was discovered in the firmware builds up to 10.10.2.2 in Poly Clariti Manager devices. The firmware flaw does not properly iEPSS 0.5%CVE-2025-3123MEDIUMWonderCMS Theme Installation/Plugin Installation installUpdateModuleAction unrestricted uploadEPSS 0.5%CVE-2025-28409HIGHAn issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the add method of the /add/{parentId} endpoint does not properEPSS 0.5%CVE-2023-1007MEDIUMTwister Antivirus IoControlCode filmfd.sys 0x801120E4 access controlEPSS 0.5%CVE-2025-28407HIGHAn issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the edit method of the /edit/{dictId} endpoint does not properEPSS 0.5%CVE-2025-2035MEDIUMs-a-zhd Ecommerce-Website-using-PHP customer_register.php unrestricted uploadEPSS 0.5%CVE-2024-48932MEDIUMZimaOS Unauthenticated API Discloses UsernamesEPSS 0.5%CVE-2025-3664MEDIUMTOTOLINK A3700R cstecgi.cgi setWiFiEasyGuestCfg access controlEPSS 0.5%CVE-2025-3665MEDIUMTOTOLINK A3700R cstecgi.cgi setSmartQosCfg access controlEPSS 0.5%CVE-2025-20341HIGHCisco Catalyst Center Privilege Escalation VulnerabilityEPSS 0.5%