Hi Olivier,
Please let me know what you are intending to do after finding the list of users who can execute these sensitive Tcodes? May be if people know your requirement, purpose of doing this, they may suggest different approach.
As per my previous solution, Yes the transaction may be present in many roles but as I said earlier, if you are looking for the list of users who can execute any of the selected Tcodes, then the above logic works. If you are looking for the users who can execute all the of selected Tcodes then its different story and might need more efforts.
Thanks,
Kalpana.