Falhas do tipo CWE-306

1.718 resultados
CVE-2018-25246HIGHWikipedia 12.0 Denial of Service via SearchEPSS 0.4%CVE-2024-3774MEDIUMaEnrich Technology a+HRD - Exposure of Sensitive DataEPSS 0.4%CVE-2026-33719HIGHAVideo Vulnerable to Unauthenticated CDN Configuration Takeover via Empty Default Key Bypass and Mass-Assignment in status.json.phpEPSS 0.4%CVE-2026-45248MEDIUMHedera Guardian Authentication Bypass Information DisclosureEPSS 0.4%CVE-2026-40289CRITICALPraisonAI Browser Server allows unauthenticated WebSocket clients to hijack connected extension sessionsEPSS 0.4%CVE-2026-46846CRITICALVulnerability in the Oracle WebCenter Portal product of Oracle Fusion Middleware (component: Security Framework). Supported versions that aEPSS 0.4%CVE-2025-41654HIGHPEPPERL+FUCHS: Profinet Gateway LB8122A.1.EL – Device is affected by information disclosure via the SNMP protocolEPSS 0.4%CVE-2026-46910CRITICALVulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Enterprise Infrastructure Security). SupportedEPSS 0.4%CVE-2025-14294MEDIUMRazorpay for WooCommerce <= 4.7.8 - Missing Authentication to Unauthenticated Order ModificationEPSS 0.4%CVE-2026-56286HIGHCapgo - Account Deletion Without Password ConfirmationEPSS 0.4%CVE-2024-55585CRITICALIn the moPS App through 1.8.618, all users can access administrative API endpoints without additional authentication, resulting in unrestricEPSS 0.4%CVE-2023-39380Permission control vulnerability in the audio module. Successful exploitation of this vulnerability may cause audio devices to perform abnorEPSS 0.4%CVE-2024-9430MEDIUMGet Quote For Woocommerce – Request A Quote For Woocommerce <= 1.0.0 - Missing Authorization to Unauthenticated Quote PDF and CSV DownloadEPSS 0.4%CVE-2024-58336HIGHAkuvox Smart Intercom S539 Unauthenticated Video Stream DisclosureEPSS 0.3%CVE-2020-5326MEDIUMAffected Dell Client platforms contain a BIOS Setup configuration authentication bypass vulnerability in the pre-boot Intel Rapid Storage ReEPSS 0.3%CVE-2025-48391HIGHIn JetBrains YouTrack before 2025.1.76253 deletion of issues was possible due to missing permission checks in APIEPSS 0.3%CVE-2025-3474MEDIUMPanels - Critical - Access bypass - SA-CONTRIB-2025-033EPSS 0.3%CVE-2025-20210HIGHCisco Catalyst Center Unprotected API EndpointEPSS 0.3%CVE-2026-34758CRITICALOneUptime: Missing Authentication on Notification EndpointsEPSS 0.3%CVE-2024-20391MEDIUMA vulnerability in the Network Access Manager (NAM) module of Cisco Secure Client could allow an unauthenticated attacker with physical acceEPSS 0.3%