Falhas do tipo CWE-284
4.445 resultadosCVE-2026-48204CRITICALApache Camel: Camel-MongoDB-GridFS: The gridfs.* control headers used non-Camel-prefixed names that bypass the HTTP header filter, allowing an HTTP client to switch the GridFS operation - including destructive file deletion - in the default configurationEPSS 0.3%CVE-2026-46819CRITICALVulnerability in the Oracle Internet Procurement Connector product of Oracle E-Business Suite (component: Internal Operations). Supported vEPSS 0.3%CVE-2020-11931LOWUbuntu modifications to pulseaudio to provide snap security enforcement could be unloadedEPSS 0.3%CVE-2025-13544MEDIUMashraf-kabir travel-agency customer_register.php unrestricted uploadEPSS 0.3%CVE-2022-39877MEDIUMImproper access control vulnerability in ProfileSharingAccount in Group Sharing prior to versions 13.0.6.15 in Android S(12), 13.0.6.14 in AEPSS 0.3%CVE-2024-30107LOWHCL Connections is vulnerable to broken access controlEPSS 0.3%CVE-2023-4640MEDIUMSet Logging Level Without AuthenticationEPSS 0.3%CVE-2024-24487MEDIUMAn issue discovered in silex technology DS-600 Firmware v.1.4.1 allows a remote attacker to cause a denial of service via crafted UDP packetEPSS 0.3%CVE-2026-30707HIGHAn issue was discovered in SpeedExam Online Examination System (SaaS) after v.FEV2026. It allows Broken Access Control via the ReviewAnswerDEPSS 0.3%CVE-2025-29270CRITICALIncorrect access control in the realtime.cgi endpoint of Deep Sea Electronics devices DSE855 v1.1.0 to v1.1.26 allows attackers to gain acceEPSS 0.3%CVE-2024-4263MEDIUMImproper Access Control in mlflow/mlflowEPSS 0.3%CVE-2025-46889MEDIUMAdobe Experience Manager | Improper Access Control (CWE-284)EPSS 0.3%CVE-2026-30855HIGHWeKnora: Broken Access Control in Tenant ManagementEPSS 0.3%CVE-2025-10085MEDIUMSourceCodester Pet Grooming Management Software manage_website.php unrestricted uploadEPSS 0.3%CVE-2024-40547MEDIUMPublicCMS v4.0.202302.e was discovered to contain an arbitrary file content replacement vulnerability via the component /admin/cmsTemplate/rEPSS 0.3%CVE-2025-23329HIGHNVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause memory corruption by identifyingEPSS 0.3%CVE-2024-5470LOWImproper Access Control in GitLabEPSS 0.3%CVE-2025-10615MEDIUMitsourcecode E-Commerce Website products.php unrestricted uploadEPSS 0.3%CVE-2025-61234HIGHIncorrect access control on Dataphone A920 v2025.07.161103 exposes a service on port 8888 by default on the local network without authenticaEPSS 0.3%CVE-2020-35546CRITICALLexmark MX6500 LW75.JD.P296 and previous devices have Incorrect Access Control via the access control settings.EPSS 0.3%