Falhas do tipo CWE-284

4.436 resultados
CVE-2025-7152MEDIUMCampcodes Advanced Online Voting System candidates_add.php unrestricted uploadEPSS 0.4%CVE-2025-30736HIGHVulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19.3-19.26, 21.3-21.17 and 23.4EPSS 0.4%CVE-2025-7124MEDIUMcode-projects Online Note Sharing Profile Image userprofile.php unrestricted uploadEPSS 0.4%CVE-2025-6592LOWCreating a permanent account from a temporary account associates temp username and IP address with real username in AbuseLogEPSS 0.4%CVE-2023-52537HIGHVulnerability of package name verification being bypassed in the HwIms module. Impact: Successful exploitation of this vulnerability will afEPSS 0.4%CVE-2022-36385MEDIUMContec Health CMS8000EPSS 0.4%CVE-2025-3298MEDIUMSourceCodester Online Eyewear Shop Registration Master.php access controlEPSS 0.4%CVE-2026-27449HIGHUmbraco.Engage.Forms Allows Unauthorized Access to Multiple API EndpointsEPSS 0.4%CVE-2025-3305MEDIUM1902756969/code-projects IKUN_Library Borrow MvcConfig.java addInterceptors access controlEPSS 0.4%CVE-2020-3122MEDIUMCisco Content Security Management Appliance Information Disclosure VulnerabilityEPSS 0.4%CVE-2024-48905CRITICALSematell ReplyOne 7.4.3.0 has Insecure Permissions for the /rest/sessions endpoint.EPSS 0.4%CVE-2025-6422MEDIUMCampcodes Online Recruitment Management System About Content Page ajax.php unrestricted uploadEPSS 0.4%CVE-2025-12862MEDIUMprojectworlds Online Notes Sharing Platform userprofile.php unrestricted uploadEPSS 0.4%CVE-2024-28805CRITICALAn issue was discovered in Italtel i-MCS NFV 12.1.0-20211215. There is Incorrect Access Control.EPSS 0.4%CVE-2025-7151MEDIUMCampcodes Advanced Online Voting System voters_add.php unrestricted uploadEPSS 0.4%CVE-2025-9774MEDIUMRemoteClinic edit-patient.php information disclosureEPSS 0.4%CVE-2025-62721HIGHLinkAce: Authorization Bypass Allows Unauthorized Access to All Private Links, Lists, and TagsEPSS 0.4%CVE-2025-1791MEDIUMZorlan SkyCaiji Tool.php fileAction unrestricted uploadEPSS 0.4%CVE-2025-66509HIGHLaraDashboard: 1-Click Pre-Auth RCE via Host Header + Module Installation ChainEPSS 0.4%CVE-2025-55368HIGHIncorrect access control in the component \controller\RoleController.java of jshERP v3.5 allows unauthorized attackers to arbitrarily modifyEPSS 0.4%