CWE-284 vulnerabilities
4,394 results

CVE | Severity | Description | EPSS
CVE-2025-29520 | MEDIUM | Incorrect access control in the Maintenance module of D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 allows authenticated attacke | EPSS 0.5%
CVE-2023-40170 | MEDIUM | cross-site inclusion (XSSI) of files in jupyter-server | EPSS 0.5%
CVE-2025-26608 | CRITICAL | SQL Injection endpoint 'dependente_docdependente.php' parameter 'id_dependente', 'id_doc' in WeGIA | EPSS 0.5%
CVE-2025-2991 | MEDIUM | Tenda FH1202 Web Management Interface AdvSetWrlmacfilter access control | EPSS 0.5%
CVE-2025-26609 | CRITICAL | SQL Injection endpoint 'familiar_docfamiliar.php' parameter 'id_dependente', 'id_doc' in WeGIA | EPSS 0.5%
CVE-2025-26607 | CRITICAL | SQL Injection endpoint 'documento_excluir.php' parameter 'id_funcionario' in WeGIA | EPSS 0.5%
CVE-2025-26617 | CRITICAL | SQL Injection endpoint 'historico_paciente.php' parameter 'id_fichamedica' in WeGIA | EPSS 0.5%
CVE-2025-26606 | CRITICAL | SQL Injection endpoint 'informacao_adicional.php' parameter 'id_descricao' in WeGIA | EPSS 0.5%
CVE-2023-36465 | CRITICAL | Decidim has broken access control in templates | EPSS 0.5%
CVE-2024-45522 | CRITICAL | Linen before cd37c3e does not verify that the domain is linen.dev or www.linen.dev when resetting a password. This occurs in create in apps/ | EPSS 0.5%
CVE-2025-32470 | HIGH | Unauthenticated change of IP address | EPSS 0.5%
CVE-2026-5312 | MEDIUM | D-Link DNS-1550-04 dsk_mgr.cgi Get_current_raidtype access control | EPSS 0.5%
CVE-2026-1114 | CRITICAL | Improper Access Control via Weak JWT Token in parisneo/lollms | EPSS 0.5%
CVE-2020-1754 | MEDIUM | In Moodle before 3.8.2, 3.7.5, 3.6.9 and 3.5.11, users viewing the grade history report without the 'access all groups' capability were not | EPSS 0.5%
CVE-2023-21828 | HIGH | Vulnerability in the Oracle Hospitality Reporting and Analytics product of Oracle Food and Beverage Applications (component: Reporting). T | EPSS 0.5%
CVE-2023-32062 | MEDIUM | OroCalendarBundle has incorrect system calendar events visibility | EPSS 0.5%
CVE-2023-2202 | MEDIUM | Improper Access Control in francoisjacquet/rosariosis | EPSS 0.5%
CVE-2023-32063 | MEDIUM | OroCRMCallBundle has incorrect call view page visibility | EPSS 0.5%
CVE-2024-41246 | MEDIUM | An Incorrect Access Control vulnerability was found in /smsa/admin_dashboard.php in Kashipara Responsive School Management System v3.2.0, wh | EPSS 0.5%
CVE-2024-37882 | HIGH | Nextcloud Server can reshare read&share only folder with more permissions | EPSS 0.5%