Falhas do tipo CWE-284
4.430 resultadosCVE-2026-46938HIGHVulnerability in the Oracle Cost Management product of Oracle E-Business Suite (component: Cost Planning). Supported versions that are affeEPSS 0.5%CVE-2026-46896CRITICALVulnerability in the Oracle Enterprise Command Center Framework product of Oracle E-Business Suite (component: Core). Supported versions thEPSS 0.5%CVE-2026-35298CRITICALVulnerability in the WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1EPSS 0.5%CVE-2023-4650MEDIUMImproper Access Control in instantsoft/icms2EPSS 0.5%CVE-2026-46922HIGHVulnerability in the Oracle HR Intelligence product of Oracle E-Business Suite (component: Internal Operations). Supported versions that arEPSS 0.5%CVE-2026-46956HIGHVulnerability in the Oracle Property Manager product of Oracle E-Business Suite (component: Internal Operations). Supported versions that aEPSS 0.5%CVE-2026-46969HIGHVulnerability in the Oracle Financials for EMEA product of Oracle E-Business Suite (component: Internal Operations). Supported versions thaEPSS 0.5%CVE-2026-46960HIGHVulnerability in the Oracle Project Portfolio Analysis product of Oracle E-Business Suite (component: Internal Operations). Supported versiEPSS 0.5%CVE-2025-1890MEDIUMshishuocms ManageUpLoadAction.java handleRequest unrestricted uploadEPSS 0.5%CVE-2020-3231MEDIUMCisco IOS Software for Catalyst 2960-L Series Switches and Catalyst CDB-8P Switches 802.1X Authentication Bypass VulnerabilityEPSS 0.5%CVE-2023-23615MEDIUMMalicious users in Discourse can create spam topics as any user due to improper access controlEPSS 0.5%CVE-2023-40579MEDIUMOpenFGA Authorization BypassEPSS 0.5%CVE-2026-2164MEDIUMdetronetdip E-commerce addadhar.php unrestricted uploadEPSS 0.5%CVE-2023-47297CRITICALA settings manipulation vulnerability in NCR Terminal Handler v1.5.1 allows attackers to execute arbitrary commands, including editing systeEPSS 0.5%CVE-2025-0968MEDIUMElementsKit Elementor addons <= 3.4.0 - Unauthenticated Information Exposure via get_megamenu_content FunctionEPSS 0.5%CVE-2025-2089MEDIUMStarSea99 starsea-mall com.siro.mall.controller.mall.UserController updateInfo updateUserInfo access controlEPSS 0.5%CVE-2024-20263MEDIUMA vulnerability with the access control list (ACL) management within a stacked switch configuration of Cisco Business 250 Series Smart SwitcEPSS 0.4%CVE-2024-1092MEDIUMRSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator <= 4.4.1 - Missing AuthorizationEPSS 0.4%CVE-2018-17908—WebAccess Versions 8.3.2 and prior. During installation, the application installer disables user access control and does not re-enable it afEPSS 0.4%CVE-2025-3585MEDIUMwestboy CicadasCMS JSP Parser upload unrestricted uploadEPSS 0.4%