Weaknesses of type CWE-266
960 resultsCVE-2025-10608MEDIUMPortabilis i-Educar enrollment-history access controlEPSS 0.3%CVE-2026-4617MEDIUMSourceCodester Patients Waiting Area Queue Management System Patient Check-In api_patient_checkin.php ValidateToken improper authorizationEPSS 0.3%CVE-2025-11049MEDIUMPortabilis i-Educar unificacao-aluno improper authorizationEPSS 0.3%CVE-2025-11048MEDIUMPortabilis i-Educar consulta-dispensas improper authorizationEPSS 0.3%CVE-2024-31771HIGHInsecure Permission vulnerability in TotalAV v.6.0.740 allows a local attacker to escalate privileges via a crafted fileEPSS 0.3%CVE-2025-11047MEDIUMPortabilis i-Educar aluno improper authorizationEPSS 0.3%CVE-2025-11050MEDIUMPortabilis i-Educar periodo-lancamento improper authorizationEPSS 0.3%CVE-2025-9609MEDIUMPortabilis i-Educar consulta improper authorizationEPSS 0.3%CVE-2026-42368CRITICALGeoVision LPC2011/LPC2211 Web Interface privilege escalation vulnerabilityEPSS 0.3%CVE-2025-62007HIGHWordPress Voice Feedback plugin <= 1.0.3 - Privilege Escalation vulnerabilityEPSS 0.3%CVE-2025-46204MEDIUMAn issue in Unifiedtransform v2.0 allows a remote attacker to escalate privileges via the /course/edit/{id} endpoint.EPSS 0.3%CVE-2026-32519CRITICALWordPress Bit SMTP plugin <= 1.2.2 - Broken Authentication vulnerabilityEPSS 0.3%CVE-2019-10143MEDIUMIt was discovered freeradius up to and including version 3.0.19 does not correctly configure logrotate, allowing a local attacker who alreadEPSS 0.3%CVE-2025-10976LOWJeecgBoot getDepartUserList improper authorizationEPSS 0.3%CVE-2025-53580CRITICALWordPress Simple Business Directory Pro Plugin < 15.6.9 - Privilege Escalation VulnerabilityEPSS 0.3%CVE-2026-32488HIGHWordPress User Registration plugin <= 4.4.9 - Privilege Escalation vulnerabilityEPSS 0.3%CVE-2026-27395CRITICALWordPress Support Board plugin < 3.8.9 - Privilege Escalation vulnerabilityEPSS 0.3%CVE-2024-38278HIGHA vulnerability has been identified in RUGGEDCOM RMC8388 V5.X (All versions < V5.9.0), RUGGEDCOM RMC8388NC V5.X (All versions < V5.9.0), RUGEPSS 0.3%CVE-2025-11554MEDIUMPortabilis i-Educar User Type AccessLevelController.php insecure inherited permissionsEPSS 0.3%CVE-2019-19350—An insecure modification vulnerability in the /etc/passwd file was found in the openshift/ansible-service-broker as shipped in Red Hat OpensEPSS 0.3%