Fallos del tipo CWE-284

4428 resultados
CVE-2026-46784CRITICALVulnerability in the WebCenter Content: Imaging product of Oracle Fusion Middleware (component: Core). Supported versions that are affectedEPSS 0.4%CVE-2025-46608CRITICALDell Data Lakehouse, versions prior to 1.6.0.0, contain(s) an Improper Access Control vulnerability. A high privileged attacker with remote EPSS 0.4%CVE-2025-11853MEDIUMSismics Teedy API Endpoint file access controlEPSS 0.4%CVE-2025-27191MEDIUMAdobe Commerce | Improper Access Control (CWE-284)EPSS 0.4%CVE-2024-37566CRITICALInfoblox NIOS through 8.6.4 has Improper Authentication for Grids.EPSS 0.4%CVE-2025-10447MEDIUMCampcodes Online Job Finder System applicationform.php unrestricted uploadEPSS 0.4%CVE-2025-5178MEDIUMRealce Tecnologia Queue Ticket Kiosk Image File ajax.php unrestricted uploadEPSS 0.4%CVE-2025-10424MEDIUM1000projects Online Student Project Report Submission and Evaluation System faculty_controller.php unrestricted uploadEPSS 0.4%CVE-2025-10600MEDIUMSourceCodester Online Exam Form Submission register.php unrestricted uploadEPSS 0.4%CVE-2024-28969MEDIUMDell SCG, versions prior to 5.24.00.00, contain an Improper Access Control vulnerability in the SCG exposed for an internal update REST API EPSS 0.4%CVE-2025-50087MEDIUMVulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.EPSS 0.4%CVE-2026-32761MEDIUMFile Browser has an Authorization Policy Bypass in its Public Share Download FlowEPSS 0.4%CVE-2025-8798MEDIUMoitcode samarium Create Product product unrestricted uploadEPSS 0.4%CVE-2025-10616MEDIUMitsourcecode E-Commerce Website users.php unrestricted uploadEPSS 0.4%CVE-2024-39701MEDIUMDirectus Incorrectly handles _in` filterEPSS 0.4%CVE-2024-33647MEDIUMA vulnerability has been identified in Polarion ALM (All versions < V2404.0). The Apache Lucene based query engine in the affected applicatiEPSS 0.4%CVE-2022-23485MEDIUMInvite code reuse via cookie manipulation in sentryEPSS 0.4%CVE-2024-57433HIGHmacrozheng mall-tiny 1.0.1 is vulnerable to Incorrect Access Control via the logout function. After a user logs out, their token is still avEPSS 0.4%CVE-2025-43454HIGHThis issue was addressed through improved state management. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1. AEPSS 0.4%CVE-2022-1959MEDIUMAppLock version 7.9.29 allows an attacker with physical access to the device to bypass biometric authentication. This is possible because thEPSS 0.4%