Weaknesses of type CWE-266
939 resultsCVE-2022-4613MEDIUMClick Studios Passwordstate Browser Extension Provisioning improper authorizationEPSS 0.7%CVE-2024-13104MEDIUMD-Link DIR-816 A2 WiFi Settings form2AdvanceSetup.cgi access controlEPSS 0.7%CVE-2025-7076MEDIUMBlackVue Dashcam 590X Configuration upload.cgi access controlEPSS 0.7%CVE-2024-13421CRITICALReal Estate 7 WordPress <= 3.5.1 - Unauthenticated Privilege Escalation to AdministratorEPSS 0.7%CVE-2025-2345CRITICALIROAD Dash Cam X5/Dash Cam X6 improper authorizationEPSS 0.7%CVE-2022-4280MEDIUMDot Tech Smart Campus System findUser information disclosureEPSS 0.7%CVE-2020-26182MEDIUMDell EMC NetWorker versions prior to 19.3.0.2 contain an incorrect privilege assignment vulnerability. A non-LDAP remote user with low priviEPSS 0.7%CVE-2024-12782MEDIUMFujifilm Business Innovation Apeos C3070/Apeos C5570/Apeos C6580 Web Interface index.html#hashHome improper authorizationEPSS 0.7%CVE-2025-2995MEDIUMTenda FH1202 Web Management Interface SysToolChangePwd access controlEPSS 0.7%CVE-2025-2550MEDIUMD-Link DIR-618/DIR-605L DDNS Service formSetDDNS access controlEPSS 0.7%CVE-2025-2547MEDIUMD-Link DIR-618/DIR-605L formAdvNetwork access controlEPSS 0.7%CVE-2025-2551MEDIUMD-Link DIR-618/DIR-605L formSetPortTr access controlEPSS 0.7%CVE-2025-2552MEDIUMD-Link DIR-618/DIR-605L formTcpipSetup access controlEPSS 0.7%CVE-2024-10978MEDIUMPostgreSQL SET ROLE, SET SESSION AUTHORIZATION reset to wrong user IDEPSS 0.7%CVE-2025-14749MEDIUMNingyuanda TC155 ONVIF PTZ Control device_service access controlEPSS 0.7%CVE-2025-2218MEDIUMLoveCards LoveCardsV2 Setting other access controlEPSS 0.7%CVE-2023-6815MEDIUMIncorrect Privilege Assignment vulnerability in Mitsubishi Electric Corporation MELSEC iQ-R Series Safety CPU R08/16/32/120SFCPU all versionEPSS 0.7%CVE-2025-10725CRITICALOpenshift-ai: overly permissive clusterrole allows authenticated users to escalate privileges to cluster adminEPSS 0.7%CVE-2025-23970CRITICALWordPress Service Finder Booking plugin <= 6.1 - Privilege Escalation VulnerabilityEPSS 0.7%CVE-2025-2996MEDIUMTenda FH1202 Web Management Interface SysToolDDNS access controlEPSS 0.7%