Falhas do tipo CWE-284
4.445 resultadosCVE-2026-0547MEDIUMPHPGurukul Online Course Registration Student Registration edit-student-profile.php unrestricted uploadEPSS 0.3%CVE-2025-45614HIGHIncorrect access control in the component /api/user/manager of One v1.0 allows attackers to access sensitive information via a crafted payloEPSS 0.3%CVE-2024-20938MEDIUMVulnerability in the Oracle iStore product of Oracle E-Business Suite (component: ECC). Supported versions that are affected are 12.2.3-12.EPSS 0.3%CVE-2023-31346MEDIUMFailure to initialize
memory in SEV Firmware may allow a privileged attacker to access stale data
from other guests.
EPSS 0.3%CVE-2024-21150MEDIUMVulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Supported versions that are EPSS 0.3%CVE-2025-45613HIGHIncorrect access control in the component /user/list of Shiro-Action v0.6 allows attackers to access sensitive information via a crafted payEPSS 0.3%CVE-2025-45608HIGHIncorrect access control in the /system/user/findUserList API of Xinguan v0.0.1-SNAPSHOT allows attackers to access sensitive information viEPSS 0.3%CVE-2026-0577MEDIUMcode-projects Online Product Reservation System prod.php unrestricted uploadEPSS 0.3%CVE-2026-4220MEDIUMTechnologies Integrated Management Platform SetWebpagePic.jsp unrestricted uploadEPSS 0.3%CVE-2024-13635MEDIUMVK Blocks <= 1.94.2.2 - Missing Authorization to Sensitive Information ExposureEPSS 0.3%CVE-2025-45617HIGHIncorrect access control in the component /user/list of production_ssm v0.0.1-SNAPSHOT allows attackers to access sensitive information via EPSS 0.3%CVE-2025-45609HIGHIncorrect access control in the doFilter function of kob latest v1.0.0-SNAPSHOT allows attackers to access sensitive information via a craftEPSS 0.3%CVE-2024-13855MEDIUMPrime Addons for Elementor <= 2.0.1 - Authenticated (Contributor+) Insecure Direct Object Reference via pae_global_block ShortcodeEPSS 0.3%CVE-2026-45654HIGHSecure Boot Security Feature Bypass VulnerabilityEPSS 0.3%CVE-2025-53501HIGHContent Access Bypass in ScribuntoEPSS 0.3%CVE-2024-20936MEDIUMVulnerability in the Oracle One-to-One Fulfillment product of Oracle E-Business Suite (component: Documents). Supported versions that are aEPSS 0.3%CVE-2024-6727MEDIUMBroken Access Control in DelphixEPSS 0.3%CVE-2026-2075MEDIUMyeqifu warehouse Role-Permission Binding RoleController.java saveRolePermission access controlEPSS 0.3%CVE-2026-1181CRITICALAltium 365 Over-Permissive CORS Configuration Allows Credentialed Cross-Origin Workspace AccessEPSS 0.3%CVE-2023-23908MEDIUMImproper access control in some 3rd Generation Intel(R) Xeon(R) Scalable processors may allow a privileged user to potentially enable informEPSS 0.3%