Falhas do tipo CWE-306
1.718 resultadosCVE-2026-28767MEDIUMGardyn Cloud API Missing Authentication for Critical FunctionEPSS 0.4%CVE-2026-34275CRITICALVulnerability in the Oracle Advanced Inbound Telephony product of Oracle E-Business Suite (component: Setup and Administration). Supported EPSS 0.4%CVE-2026-34732MEDIUMAVideo: Missing Authentication in CreatePlugin list.json.php Template Affects 21 EndpointsEPSS 0.4%CVE-2025-49652CRITICALImproper access control allows arbitrary account creationEPSS 0.4%CVE-2025-23417HIGHA denial of service vulnerability exists in the Modbus RTU over TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted EPSS 0.4%CVE-2024-48882HIGHA denial of service vulnerability exists in the Modbus TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted network pEPSS 0.4%CVE-2025-30762HIGHVulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected areEPSS 0.4%CVE-2025-12348MEDIUMEmail Subscribers & Newsletters <= 5.9.10 - Missing Authentication to Unauthenticated Action Scheduler Task ExecutionEPSS 0.4%CVE-2026-31243MEDIUMThe mem0 1.0.0 server lacks authentication and authorization controls for its memory reset and table re-creation functionality accessible viEPSS 0.4%CVE-2025-27214CRITICALA Missing Authentication for Critical Function vulnerability in the UniFi Connect EV Station Pro may allow a malicious actor with physical oEPSS 0.4%CVE-2026-34266MEDIUMVulnerability in the PeopleSoft Enterprise HCM Absence Management product of Oracle PeopleSoft (component: Absence Management). The supporEPSS 0.4%CVE-2025-65731MEDIUMAn issue was discovered in D-Link Router DIR-605L (Hardware version F1; Firmware version: V6.02CN02) allowing an attacker with physical acceEPSS 0.4%CVE-2024-31525HIGHPeppermint Ticket Management 0.4.6 is vulnerable to Incorrect Access Control. A regular registered user is able to elevate his privileges toEPSS 0.4%CVE-2026-34280MEDIUMVulnerability in the PeopleSoft Enterprise HCM Human Resources product of Oracle PeopleSoft (component: Job Profile Manager). The supporteEPSS 0.4%CVE-2025-15026CRITICALUnauthenticated configuration import allows administrative account creation using AWIE componentEPSS 0.4%CVE-2026-3893CRITICALCarlson Software VASCO-B GNSS Receiver Missing Authentication for Critical FunctionEPSS 0.4%CVE-2023-31227HIGHThe hwPartsDFR module has a vulnerability in API calling verification. Successful exploitation of this vulnerability may affect device confiEPSS 0.4%CVE-2026-31240HIGHThe mem0 1.0.0 server lacks authentication and authorization controls for its memory management API endpoints. Critical functions such as upEPSS 0.4%CVE-2025-7045MEDIUMCloud SAML SSO <= 1.0.19 - Missing Authorization to Unauthenticated Identity Provider Deletion via delete_config ActionEPSS 0.4%CVE-2024-47912HIGHA vulnerability in the AWV (Audio, Web, and Video) Conferencing component of Mitel MiCollab through 9.8 SP1 FP2 (9.8.1.201) could allow an uEPSS 0.4%