Weaknesses of type CWE-269
1,785 resultsCVE-2021-25336LOWImproper access control in NotificationManagerService in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows untrusted applicationEPSS 0.2%CVE-2020-16238MEDIUMB. Braun SpaceCom, Battery Pack SP with Wi-Fi, and Data module compactplusEPSS 0.2%CVE-2022-38378MEDIUMAn improper privilege management vulnerability [CWE-269] in Fortinet FortiOS version 7.2.0 and before 7.0.7 and FortiProxy version 7.2.0 thrEPSS 0.2%CVE-2025-31284MEDIUMA broken access control vulnerability previously discovered in the Trend Vision One Status component could have allowed an administrator to EPSS 0.2%CVE-2025-31283MEDIUMA broken access control vulnerability previously discovered in the Trend Vision One User Roles component could have allowed an administratorEPSS 0.2%CVE-2025-8309HIGHUser privilege escalation vulnerabilityEPSS 0.2%CVE-2025-31285MEDIUMA broken access control vulnerability previously discovered in the Trend Vision One Role Name component could have allowed an administrator EPSS 0.2%CVE-2024-40781HIGHThe issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8. A localEPSS 0.2%CVE-2026-10868CRITICALMISP user edit endpoint mass assignment vulnerability allows unauthorized user account modificationEPSS 0.2%CVE-2026-5193MEDIUMEssential Addons for Elementor – Popular Elementor Templates & Widgets <= 6.5.13 - Authenticated (Author+) Limited Privilege Escalation via register_userEPSS 0.2%CVE-2023-48419CRITICALAn attacker in the wifi vicinity of a target Google Home can spy on the victim, resulting in EoPEPSS 0.2%CVE-2025-53030MEDIUMVulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is 7.EPSS 0.2%CVE-2023-24509CRITICALOn affected modular platforms running Arista EOS equipped with both redundant supervisor modules and having the redundancy protocol configured with RPR or SSO, an existing unprivileged user can login to the standby supervisor as a root user, leading t ...EPSS 0.2%CVE-2025-67781CRITICALAn issue was discovered in DriveLock 24.1 before 24.1.6, 24.2 before 24.2.7, and 25.1 before 25.1.5. Local unprivileged users can manipulateEPSS 0.2%CVE-2025-31282MEDIUMA broken access control vulnerability previously discovered in the Trend Vision One User Account component could have allowed an administratEPSS 0.2%CVE-2026-8157HIGHVitepos < 3.4.2 - Outlet Manager+ Privilege EscalationEPSS 0.2%CVE-2024-41949LOWbiscuit-rust vulnerable to public key confusion in third party blockEPSS 0.2%CVE-2025-13534MEDIUMELEX WordPress HelpDesk & Customer Ticketing System <= 3.3.2 - Authenticated (Contributor+) Privilege Escalation via eh_crm_edit_agent AJAX ActionEPSS 0.2%CVE-2021-31359HIGHJunos OS and Junos OS Evolved: Local Privilege Escalation vulnerabilityEPSS 0.2%CVE-2023-45083MEDIUMHyperCloud: "admin" and "serveradmin" users can be deletedEPSS 0.2%