Falhas do tipo CWE-284

4.436 resultados
CVE-2026-46898HIGHVulnerability in the Oracle Enterprise Command Center Framework product of Oracle E-Business Suite (component: Core). Supported versions thEPSS 0.4%CVE-2025-5426MEDIUMjuzaweb CMS Menu Page menus access controlEPSS 0.4%CVE-2024-30418HIGHVulnerability of insufficient permission verification in the app management module. Impact: Successful exploitation of this vulnerability wiEPSS 0.4%CVE-2025-6741HIGHImproper access control in secure message component in Devolutions Server allows an authenticated user to steal unauthorized entries via theEPSS 0.4%CVE-2024-0810MEDIUMInsufficient policy enforcement in DevTools in Google Chrome prior to 121.0.6167.85 allowed an attacker who convinced a user to install a maEPSS 0.4%CVE-2025-5421MEDIUMjuzaweb CMS Plugin Editor Page editor access controlEPSS 0.4%CVE-2025-32796MEDIUMDify Allows Unauthorized APP Enable/Disable via APIEPSS 0.4%CVE-2023-52105HIGHThe nearby module has a privilege escalation vulnerability. Successful exploitation of this vulnerability may affect availability.EPSS 0.4%CVE-2025-5427MEDIUMjuzaweb CMS Permalinks Page permalinks access controlEPSS 0.4%CVE-2025-12331MEDIUMWillow CMS add unrestricted uploadEPSS 0.4%CVE-2025-5423MEDIUMjuzaweb CMS General Setting Page general access controlEPSS 0.4%CVE-2025-5428MEDIUMjuzaweb CMS Error Logs Page log-viewer access controlEPSS 0.4%CVE-2025-5429MEDIUMjuzaweb CMS Plugins Page install access controlEPSS 0.4%CVE-2024-28968MEDIUMDell SCG, versions prior to 5.24.00.00, contain an Improper Access Control vulnerability in the SCG exposed for internal email and collectioEPSS 0.3%CVE-2024-43397MEDIUMPotential unauthorized access issue in apollo-portalEPSS 0.3%CVE-2024-45735MEDIUMImproper Access Control for low-privileged user in Splunk Secure Gateway AppEPSS 0.3%CVE-2024-28965MEDIUMDell SCG, versions prior to 5.24.00.00, contain an Improper Access Control vulnerability in the SCG exposed for an internal enable REST API EPSS 0.3%CVE-2024-35222MEDIUMiFrames Bypass Origin Checks for Tauri API Access ControlEPSS 0.3%CVE-2025-45729MEDIUMD-Link DIR-823-Pro 1.02 has improper permission control, allowing unauthorized users to turn on and access Telnet services.EPSS 0.3%CVE-2025-57266CRITICALAn issue was discovered in file AssistantController.java in ThriveX Blogging Framework 2.5.9 thru 3.1.3 allowing unauthenticated attackers tEPSS 0.3%