Falhas do tipo CWE-284
4.459 resultadosCVE-2026-7021MEDIUMSmythOS sre Connector Service utils.ts information disclosureEPSS 0.2%CVE-2023-29113MEDIUMA lack of access control in custom IPC mechanismEPSS 0.2%CVE-2025-43513MEDIUMA permissions issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.7.3, macOS Sonoma 14.8.3, macOS TEPSS 0.2%CVE-2025-43396MEDIUMA logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. A sandEPSS 0.2%CVE-2024-39934HIGHRobotmk before 2.0.1 allows a local user to escalate privileges (e.g., to SYSTEM) if automated Python environment setup is enabled, because EPSS 0.2%CVE-2025-43477MEDIUMA privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sequoia 15.7.2, macOS SonomEPSS 0.2%CVE-2026-34274MEDIUMVulnerability in the Oracle Configurator product of Oracle E-Business Suite (component: User Interface). Supported versions that are affectEPSS 0.2%CVE-2023-42542LOWImproper access control vulnerability in Samsung Push Service prior to 3.4.10 allows local attackers to get register ID to identify the deviEPSS 0.2%CVE-2025-64400MEDIUMInsufficient permission checks when pre-enrolling users SummaryEPSS 0.2%CVE-2026-34269MEDIUMVulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Portal). Supported versions that are affectEPSS 0.2%CVE-2026-34284MEDIUMVulnerability in the Oracle Business Process Management Suite product of Oracle Fusion Middleware (component: Human workflow 11g+). SupportEPSS 0.2%CVE-2022-20358HIGHIn startSync of AbstractThreadedSyncAdapter.java, there is a possible way to access protected content of content providers due to a missing EPSS 0.2%CVE-2026-34283MEDIUMVulnerability in the Oracle Identity Manager product of Oracle Fusion Middleware (component: Identity Console). Supported versions that areEPSS 0.2%CVE-2025-43498MEDIUMAn authorization issue was addressed with improved state management. This issue is fixed in iOS 26.1 and iPadOS 26.1, macOS Sequoia 15.7.2, EPSS 0.2%CVE-2026-11302MEDIUMInsufficient policy enforcement in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to bypass discretEPSS 0.2%CVE-2025-24516MEDIUMImproper access control for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an infoEPSS 0.2%CVE-2025-54561MEDIUMAn Incorrect Access Control vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 which aEPSS 0.2%CVE-2025-43337MEDIUMAn access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.7.2, macOS Tahoe 26. An app may EPSS 0.2%CVE-2022-36864MEDIUMImproper access control and intent redirection in Samsung Email prior to 6.1.70.20 allows attacker to access specific formatted file and exeEPSS 0.2%CVE-2023-2112LOWDesktop component allows lateral movement between sessionsEPSS 0.2%