Falhas do tipo CWE-284

4.457 resultados
CVE-2022-24923MEDIUMImproper access control vulnerability in Samsung SearchWidget prior to versions 2.3.00.6 in China models allows untrusted applications to loEPSS 0.2%CVE-2026-7133MEDIUMcode-projects Online Lot Reservation System activity.php unrestricted uploadEPSS 0.2%CVE-2026-34277MEDIUMVulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Fluid Core). Supported versions that are afEPSS 0.2%CVE-2026-1964MEDIUMWeKan REST Endpoint boards.js BoardTitleRESTBleed access controlEPSS 0.2%CVE-2026-11621MEDIUMDcat-Admin User Setting upload editorMDUpload unrestricted uploadEPSS 0.2%CVE-2023-34403MEDIUMMercedes-Benz head-unit NTG6 has Ethernet pins on Base Board to connect module CSB. Attacker can connect to this pins and get access to inteEPSS 0.2%CVE-2026-7134MEDIUMcode-projects Online Lot Reservation System edithousepic.php unrestricted uploadEPSS 0.2%CVE-2023-27517MEDIUMImproper access control in some Intel(R) Optane(TM) PMem software before versions 01.00.00.3547, 02.00.00.3915, 03.00.00.0483 may allow an aEPSS 0.2%CVE-2026-34298MEDIUMVulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Personalization). Supported versions thatEPSS 0.2%CVE-2022-40207HIGHImproper access control in the Intel(R) SUR software before version 2.4.8989 may allow an authenticated user to potentially enable escalatioEPSS 0.2%CVE-2025-27093MEDIUMSliver does not restricted traffic between Wireguard clients.EPSS 0.2%CVE-2025-4962HIGHIDOR Vulnerability in Template Creation via `projectId` Manipulation in lunary-ai/lunaryEPSS 0.2%CVE-2026-5881MEDIUMPolicy bypass in LocalNetworkAccess in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to bypass navigation restrictions via EPSS 0.2%CVE-2025-15141LOWHalo Configuration actuator information disclosureEPSS 0.2%CVE-2026-46828HIGHVulnerability in the Oracle Payroll product of Oracle E-Business Suite (component: Internal Operations). Supported versions that are affectEPSS 0.2%CVE-2026-11193MEDIUMInsufficient policy enforcement in Password Manager in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass discretionarEPSS 0.2%CVE-2025-32376MEDIUMDiscourse DM limits aren’t always properly enforcedEPSS 0.2%CVE-2025-68716HIGHKAYSUS KS-WR3600 routers with firmware 1.0.5.9.1 enable the SSH service enabled by default on the LAN interface. The root account is configuEPSS 0.2%CVE-2023-34469MEDIUMCold Rest VulnerabiltiyEPSS 0.2%CVE-2022-36396HIGHImproper access control in some Intel(R) Aptio* V UEFI Firmware Integrator Tools before version iDmiEdit-Linux-5.27.06.0017 may allow a privEPSS 0.2%