Falhas do tipo CWE-284

4.454 resultados
CVE-2026-46818HIGHVulnerability in the Oracle Payments product of Oracle E-Business Suite (component: File Transmission). Supported versions that are affecteEPSS 0.3%CVE-2026-9445MEDIUMSourceCodester Simple POS and Inventory System File Extension addproduct.php unrestricted uploadEPSS 0.3%CVE-2026-46871MEDIUMVulnerability in the MySQL Shell product of Oracle MySQL (component: Shell for VS Code). The supported version that is affected is 2026.2.EPSS 0.3%CVE-2026-46821HIGHVulnerability in the Oracle Financials Common Modules product of Oracle E-Business Suite (component: Common Components). Supported versionsEPSS 0.3%CVE-2026-34299MEDIUMVulnerability in the PeopleSoft Enterprise FIN Maintenance Management product of Oracle PeopleSoft (component: Work Order Management). TheEPSS 0.3%CVE-2026-3111MEDIUMMultiple vulnerabilities on the Educativa CampusEPSS 0.3%CVE-2026-34291HIGHVulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.EPSS 0.3%CVE-2025-53360MEDIUMpluginsGLPI's Database Inventory Plugin allows any authenticated user to send agent requestsEPSS 0.3%CVE-2026-34295MEDIUMVulnerability in the PeopleSoft Enterprise SCM Purchasing product of Oracle PeopleSoft (component: Purchasing). The supported version thatEPSS 0.3%CVE-2025-14522MEDIUMbaowzh hfly upload_json.php unrestricted uploadEPSS 0.3%CVE-2026-46911CRITICALVulnerability in the JD Edwards EnterpriseOne Project Costing product of Oracle JD Edwards (component: Job Costing). The supported versionEPSS 0.3%CVE-2026-34301MEDIUMVulnerability in the PeopleSoft Enterprise FIN Maintenance Management product of Oracle PeopleSoft (component: Work Order Management). TheEPSS 0.3%CVE-2024-7553HIGHAccessing Untrusted Directory May Allow Local Privilege EscalationEPSS 0.3%CVE-2026-24896MEDIUMOpenEMR has Broken Access Control that allows unauthorized access to EDI LogsEPSS 0.3%CVE-2025-61879HIGHIn Infoblox NIOS through 9.0.7, a High-Privileged User Can Trigger an Arbitrary File Write via the Account Creation Mechanism.EPSS 0.3%CVE-2026-1079MEDIUMA native messaging host vulnerability in Pega Browser Extension (PBE) affects users of all versions of Pega Robotic Automation who have installed Pega Browser Extension.EPSS 0.3%CVE-2025-11655MEDIUMTotal.js Flow SVG File unrestricted uploadEPSS 0.3%CVE-2026-5847MEDIUMcode-projects Movie Ticketing System SQL Database Backup File moviedb.sql information disclosureEPSS 0.3%CVE-2024-31320HIGHIn setSkipPrompt of AssociationRequest.java , there is a possible way to establish a companion device association without any confirmation dEPSS 0.3%CVE-2026-5960MEDIUMcode-projects Patient Record Management System SQL Database Backup File hcpms.sql information disclosureEPSS 0.3%