Weaknesses of type CWE-284
4,436 resultsCVE-2025-6870MEDIUMSourceCodester Simple Company Website Content.php unrestricted uploadEPSS 0.4%CVE-2024-13134MEDIUMZeroWdd studentmanager TeacherController. java editTeacher unrestricted uploadEPSS 0.4%CVE-2026-41614MEDIUMM365 Copilot for Desktop Spoofing VulnerabilityEPSS 0.4%CVE-2025-59333HIGH@executeautomation/database-server does not properly restrict access, bypassing a "read-only" modeEPSS 0.4%CVE-2025-0402MEDIUM1902756969 reggie CommonController.java upload unrestricted uploadEPSS 0.4%CVE-2024-13211MEDIUMSingMR HouseRent AdminController.java access controlEPSS 0.4%CVE-2025-2499MEDIUMClient side access control bypass in the permission component in
Devolutions Remote Desktop Manager on Windows. An authenticated user can eEPSS 0.4%CVE-2024-13042MEDIUMTsinghua Unigroup Electronic Archives Management System download.html download information disclosureEPSS 0.4%CVE-2026-33316HIGHVikunja’s Improper Access Control Enables Bypass of Administrator-Imposed Account DisablementEPSS 0.4%CVE-2022-29160LOWSensitive files/data exist after deletion of user account in Nextcloud AndroidEPSS 0.4%CVE-2024-39777HIGHMalicious remote can invite itself to an arbitrary local channelEPSS 0.4%CVE-2026-46861CRITICALVulnerability in the MySQL NDB Cluster product of Oracle MySQL (component: Cluster: NDB Operator). Supported versions that are affected areEPSS 0.4%CVE-2024-34099HIGHZDI-CAN-XXXX: [Pwn2Own] Acrobat sandbox bypass part 2 of 2EPSS 0.4%CVE-2024-13240HIGHOpen Social - Moderately critical - Access bypass - SA-CONTRIB-2024-004EPSS 0.4%CVE-2025-4258MEDIUMzhangyanbo2007 youkefu MediaController.java upload unrestricted uploadEPSS 0.4%CVE-2024-41144MEDIUMMalicious remote can create/update/delete arbitrary posts in arbitrary channelsEPSS 0.4%CVE-2026-46919CRITICALVulnerability in the Siebel CRM Cloud Applications product of Oracle Siebel CRM (component: Siebel Cloud Manager). Supported versions that EPSS 0.4%CVE-2026-2666MEDIUMmingSoft MCMS Template Archive uploadTemplate.do unrestricted uploadEPSS 0.4%CVE-2026-5526MEDIUMTenda 4G03 Pro httpd access controlEPSS 0.4%CVE-2024-42655HIGHAn access control issue in NanoMQ v0.21.10 allows attackers to bypass security restrictions and access sensitive system topic messages usingEPSS 0.4%