Falhas do tipo CWE-284
4.457 resultadosCVE-2026-22019MEDIUMVulnerability in the PeopleSoft Enterprise HCM Shared Components product of Oracle PeopleSoft (component: Person Search). The supported veEPSS 0.2%CVE-2025-24917HIGHImproper Access Control leads to Local Privilege EscalationEPSS 0.2%CVE-2026-34307MEDIUMVulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Workflow). Supported versions that are affeEPSS 0.2%CVE-2026-41123MEDIUMDell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1EPSS 0.2%CVE-2026-11187MEDIUMInappropriate implementation in Glic in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass navigation restrictions viaEPSS 0.2%CVE-2026-46848HIGHVulnerability in the WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions that are affected are 14.EPSS 0.2%CVE-2025-47792MEDIUMNextcloud Desktop 3rdparty applications can create share links via socket APIEPSS 0.2%CVE-2023-26596LOWImproper access control in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version 88 may allow an authenticated user to potentEPSS 0.2%CVE-2022-39875MEDIUMImproper component protection vulnerability in Samsung Account prior to version 13.5.0 allows attackers to unauthorized logout.EPSS 0.2%CVE-2026-28218MEDIUMDiscourse's Fail-Open Access Control in Data Explorer Plugin Allows Unauthorized SQL Query ExecutionEPSS 0.2%CVE-2023-22618HIGHIf Security Hardening guide rules are not followed, then Nokia WaveLite products allow a local user to create new users with administrative EPSS 0.2%CVE-2023-21493MEDIUMImproper access control vulnerability in SemShareFileProvider prior to SMR May-2023 Release 1 allows local attackers to access protected datEPSS 0.2%CVE-2023-21495MEDIUMImproper access control vulnerability in Knox Enrollment Service prior to SMR May-2023 Release 1 allow attacker install KSP app when device EPSS 0.2%CVE-2023-42969LOWAn app may be able to break out of its sandbox. This issue is fixed in iOS 17 and iPadOS 17, iOS 16.7 and iPadOS 16.7, macOS Sonoma 14, macOEPSS 0.2%CVE-2023-21442MEDIUMImproper access control vulnerability in Runestone application prior to version 2.9.09.003 in Android R(11) and 3.2.01.007 in Android S(12) EPSS 0.2%CVE-2026-35067MEDIUMDell PowerFlex Manager, version(s) prior to 5.1.0.1, contain(s) an Improper Access Control vulnerability. A low privileged attacker with adjEPSS 0.1%CVE-2026-46768MEDIUMVulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: VMSVGA device). The supported version that is affecEPSS 0.1%CVE-2024-6364MEDIUMServer Identity Validation Bypass in Absolute Persistence®EPSS 0.1%CVE-2025-25225MEDIUMExtension - hikashop.com - Privilege escalation vulnerability Hikashop component version 1.0.0 - 5.1.3 for JoomlaEPSS 0.1%CVE-2025-46307MEDIUMA logic issue was addressed with improved restrictions. This issue is fixed in macOS Tahoe 26. An app may be able to access sensitive user dEPSS 0.1%