Falhas do tipo CWE-284
4.449 resultadosCVE-2023-42945CRITICALA permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.1. An app may gain unauthorized accesEPSS 0.3%CVE-2024-42021HIGHAn improper access control vulnerability allows an attacker with valid access tokens to access saved credentials.EPSS 0.3%CVE-2026-3800MEDIUMSourceCodester/janobe Resort Reservation System controller.php doInsert unrestricted uploadEPSS 0.3%CVE-2026-47366HIGHImproper verification of access permissions when modifying permissions through the Administration Control Panel (ACP) allowed an authenticatEPSS 0.3%CVE-2023-24490MEDIUMUsers with only access to launch VDA applications can launch an unauthorized desktopEPSS 0.3%CVE-2025-55471HIGHIncorrect access control in the getUserFormData function of youlai-boot v2.21.1 allows attackers to access sensitive information for other uEPSS 0.3%CVE-2024-48899MEDIUMMoodle: idor when accessing list of course badgesEPSS 0.3%CVE-2025-9139MEDIUMScada-LTS WatchListDwr.init.dwr information disclosureEPSS 0.3%CVE-2024-46280HIGHPIX-LINK LV-WR22 RE3002-P1-01_V117.0 is vulnerable to Improper Access Control. The TELNET service is enabled with weak credentials for a rooEPSS 0.3%CVE-2026-2146MEDIUMguchengwuyue yshopmall co.yixiang.utils.FileUtil updateAvatar unrestricted uploadEPSS 0.3%CVE-2023-38132—LAN-W451NGR all versions provided by LOGITEC CORPORATION contains an improper access control vulnerability, which allows an unauthenticated EPSS 0.3%CVE-2025-9240MEDIUMelunez eladmin info information disclosureEPSS 0.3%CVE-2026-30962HIGHParse Server has a protected fields bypass via logical query operatorsEPSS 0.3%CVE-2026-22011HIGHVulnerability in the Oracle Applications DBA product of Oracle E-Business Suite (component: ADPatch). Supported versions that are affected EPSS 0.3%CVE-2025-14219MEDIUMCampcodes Retro Basketball Shoes Online Store admin_running.php unrestricted uploadEPSS 0.3%CVE-2026-34358HIGHCtrlPanel: Missing Authorization on Admin Write Endpoints Allows RBAC BypassEPSS 0.3%CVE-2025-31232HIGHA logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.5, macOS Sonoma 14.7.6, macOS Ventura 13.7.6. A saEPSS 0.3%CVE-2025-45618MEDIUMIncorrect access control in the component /admin/sys/datasource/ajaxList of jeeweb-mybatis-springboot v0.0.1.RELEASE allows attackers to accEPSS 0.3%CVE-2026-7686MEDIUMeyeo Adblock Plus Legacy Premium Activation premium.preload.js postMessage access controlEPSS 0.3%CVE-2026-32254HIGHKube-router Proxy Module Blindly Trusts ExternalIPs/LoadBalancer IPs Enabling Cluster-Wide Traffic Hijacking and DNS DoSEPSS 0.3%