Falhas do tipo CWE-284
4.436 resultadosCVE-2016-8656HIGHJboss jbossas before versions 5.2.0-23, 6.4.13, 7.0.5 is vulnerable to an unsafe file handling in the jboss init script which could result iEPSS 0.4%CVE-2026-37979MEDIUMKeycloak: keycloak: information disclosure via oidc token introspection endpoint audience bypassEPSS 0.4%CVE-2025-11136MEDIUMYiFang CMS Backend File.php webUploader unrestricted uploadEPSS 0.4%CVE-2025-8795MEDIUMLitmusChaos Litmus login access controlEPSS 0.4%CVE-2026-46927HIGHVulnerability in the Oracle Receivables product of Oracle E-Business Suite (component: Internal Operations). Supported versions that are afEPSS 0.4%CVE-2026-35320CRITICALVulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component: Content Server). Supported versions that are EPSS 0.4%CVE-2025-9973MEDIUMAuthorization Bypass via Adaptive Authentication in WSO2 Identity Server Allows Cross-Organization Account TakeoverEPSS 0.4%CVE-2024-8216MEDIUMnafisulbari/itsourcecode Insurance Management System Payment editPayment.php access controlEPSS 0.4%CVE-2026-11344MEDIUMcode-projects Vehicle Management System New Driver Registration Form newdriver.php unrestricted uploadEPSS 0.4%CVE-2026-2768CRITICALSandbox escape in the Storage: IndexedDB componentEPSS 0.4%CVE-2024-23447MEDIUMElastic Network Drive Connector Improper Access ControlEPSS 0.4%CVE-2026-2226MEDIUMDouPHP ZIP File file.php unrestricted uploadEPSS 0.4%CVE-2023-46666MEDIUMElastic Sharepoint Online Python Connector Improper Access ControlEPSS 0.4%CVE-2025-5425MEDIUMjuzaweb CMS Theme Editor Page default access controlEPSS 0.4%CVE-2025-45615CRITICALIncorrect access control in the /admin/ API of yaoqishan v0.0.1-SNAPSHOT allows attackers to gain access to Admin rights via a crafted requeEPSS 0.4%CVE-2022-2792MEDIUMEmerson Electric's Proficy Machine Edition Version 9.00 and prior is vulenrable to CWE-284 Improper Access Control, and stores project data EPSS 0.4%CVE-2026-0643MEDIUMprojectworlds House Rental and Property Listing Signup register.php unrestricted uploadEPSS 0.4%CVE-2025-45616CRITICALIncorrect access control in the /admin/** API of brcc v1.2.0 allows attackers to gain access to Admin rights via a crafted request.EPSS 0.4%CVE-2025-43308LOWThis issue was addressed with additional entitlement checks. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. AEPSS 0.4%CVE-2025-11354MEDIUMcode-projects Online Hotel Reservation System addslideexec.php unrestricted uploadEPSS 0.4%