Fallos del tipo CWE-284
4428 resultadosCVE-2026-46864HIGHVulnerability in the Oracle Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Agent Next Gen). Supported veEPSS 0.4%CVE-2024-2191MEDIUMImproper Access Control in GitLabEPSS 0.4%CVE-2026-35268CRITICALVulnerability in the Identity Manager product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.EPSS 0.4%CVE-2025-63525CRITICALAn issue was discovered in Blood Bank Management System 1.0 allowing authenticated attackers to perform actions with escalated privileges viEPSS 0.4%CVE-2024-46097HIGHTestLink 1.9.20 is vulnerable to Incorrect Access Control in the TestPlan editing section. When a new TestPlan is created, an ID with an incEPSS 0.4%CVE-2025-25962CRITICALAn issue in Coresmartcontracts Uniswap v.3.0 and fixed in v.4.0 allows a remote attacker to escalate privileges via the _modifyPosition funcEPSS 0.4%CVE-2025-46619HIGHA security issue has been discovered in Couchbase Server before 7.6.4 and fixed in v.7.6.4 and v.7.2.7 for Windows that could allow unauthorEPSS 0.4%CVE-2025-5436MEDIUMMultilaser Sirius RE016 cstecgi.cgi information disclosureEPSS 0.4%CVE-2025-20130MEDIUMCisco Identity Services Engine Access Control Bypass VulnerabilityEPSS 0.4%CVE-2025-4036MEDIUM201206030 Novel Chapter AuthorController.java updateBookChapter access controlEPSS 0.4%CVE-2023-4183MEDIUMSourceCodester Inventory Management System Password edit_update.php access controlEPSS 0.4%CVE-2025-66430CRITICALPlesk 18.0 has Incorrect Access Control.EPSS 0.4%CVE-2026-32102HIGHOliveTin Unauthorized Action Output Disclosure via EventStreamEPSS 0.4%CVE-2025-63666CRITICALTenda AC15 v15.03.05.18_multi) issues an authentication cookie that exposes the account password hash to the client and uses a short, low-enEPSS 0.4%CVE-2024-1288MEDIUMSchema & Structured Data for WP & AMP <= 1.26 - Missing Authorization to reCaptcha Key ModificationEPSS 0.4%CVE-2024-37315LOWNextcloud Server's read-only users can restore old versionsEPSS 0.4%CVE-2025-7538MEDIUMCampcodes Sales and Inventory System product_update.php unrestricted uploadEPSS 0.4%CVE-2025-7470MEDIUMCampcodes Sales and Inventory System product_add.php unrestricted uploadEPSS 0.4%CVE-2024-7154MEDIUMTOTOLINK A3700R Password Reset wizard.html access controlEPSS 0.4%CVE-2026-46775CRITICALVulnerability in Oracle REST Data Services (component: Core). Supported versions that are affected are 24.2.0-26.1.0. Easily exploitable vuEPSS 0.4%