Falhas do tipo CWE-284
4.447 resultadosCVE-2025-61758MEDIUMVulnerability in the PeopleSoft Enterprise FIN IT Asset Management product of Oracle PeopleSoft (component: IT Asset Management). The suppEPSS 0.3%CVE-2024-55025MEDIUMIncorrect access control in the VNC component of Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 allows unauthorized attackers to access tEPSS 0.3%CVE-2023-1490MEDIUMMax Secure Anti Virus Plus IoControlCode SDActMon.sys 0x220020 access controlEPSS 0.3%CVE-2025-11426MEDIUMprojectworlds Advanced Library Management System edit_book.php unrestricted uploadEPSS 0.3%CVE-2019-20462MEDIUMAn issue was discovered on Alecto IVM-100 2019-11-12 devices. The device comes with a serial interface at the board level. By attaching to tEPSS 0.3%CVE-2024-53348HIGHLoxiLB v.0.9.7 and before is vulnerable to Incorrect Access Control which allows attackers to obtain sensitive information and escalate privEPSS 0.3%CVE-2025-10398MEDIUMfcba_zzm ics-park Smart Park Management System FileUploadUtils.java unrestricted uploadEPSS 0.3%CVE-2025-11078MEDIUMitsourcecode Open Source Job Portal controller.php unrestricted uploadEPSS 0.3%CVE-2023-1491MEDIUMMax Secure Anti Virus Plus IoControlCode MaxCryptMon.sys 0x220020 access controlEPSS 0.3%CVE-2026-28930HIGHA permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26.5. An app may be able to access protecEPSS 0.3%CVE-2024-41732MEDIUMImproper Access Control in SAP Netweaver Application Server ABAPEPSS 0.3%CVE-2026-46916HIGHVulnerability in the Oracle Process Manufacturing Product Development product of Oracle E-Business Suite (component: Quality Management SpecEPSS 0.3%CVE-2022-48615MEDIUMAn improper access control vulnerability exists in a Huawei datacom product. Attackers can exploit this vulnerability to obtain partial deviEPSS 0.3%CVE-2024-20911LOWVulnerability in Oracle Audit Vault and Database Firewall (component: Firewall). Supported versions that are affected are 20.1-20.9. DifficEPSS 0.3%CVE-2025-10957HIGHUnrestricted FTP Access Vulnerability in Syrotech RouterEPSS 0.3%CVE-2026-50545CRITICALFission Environment CRD PodSpec Injection Leading to Node Escape and Cluster TakeoverEPSS 0.3%CVE-2025-37131MEDIUMAuthenticated Arbitrary File Read allows Data Exposure in CLI InterfaceEPSS 0.3%CVE-2025-65098HIGHTypebot Vulnerable to Credential Theft via Client-Side Script Execution and API Authorization BypassEPSS 0.3%CVE-2021-34401HIGHNVIDIA Linux kernel distributions contain a vulnerability in nvmap NVGPU_IOCTL_CHANNEL_SET_ERROR_NOTIFIER, where improper access control mayEPSS 0.3%CVE-2025-20230MEDIUMMissing Access Control and Incorrect Ownership of Data in App Key Value Store (KVStore) collections in the Splunk Secure Gateway AppEPSS 0.3%