Weaknesses of type CWE-284
4,443 resultsCVE-2023-39972—Extension - acymailing.com - Improper Access Control in AcyMailing Enterprise component for Joomla 6.7.0-8.6.3EPSS 0.3%CVE-2019-1664HIGHCisco HyperFlex Software Unauthenticated Root Access VulnerabilityEPSS 0.3%CVE-2023-39973—Extension - acymailing.com - Improper Access Control in AcyMailing Enterprise component for Joomla 6.7.0-8.6.3EPSS 0.3%CVE-2025-30140HIGHAn issue was discovered on G-Net Dashcam BB GONX devices. A Public Domain name is Used for the Internal Domain Name. It uses an unregisteredEPSS 0.3%CVE-2024-38291HIGHIn XIQ-SE before 24.2.11, a low-privileged user may be able to access admin passwords, which could lead to privilege escalation.EPSS 0.3%CVE-2025-8344MEDIUMopenviglet shio ShStaticFileAPI.java shStaticFileUpload unrestricted uploadEPSS 0.3%CVE-2025-37137MEDIUMAuthenticated Arbitrary File Deletion Vulnerabilities in AOS-8 Controller/Mobility Conductor Command Line Interface (CLI)EPSS 0.3%CVE-2023-20230MEDIUMA vulnerability in the restricted security domain implementation of Cisco Application Policy Infrastructure Controller (APIC) could allow anEPSS 0.3%CVE-2024-1144MEDIUMImproper Access Control at Alma Devklan BlogEPSS 0.3%CVE-2026-20883MEDIUMGitea Stopwatch API Missing Authorization Check Leads to Post-Revocation Information DisclosureEPSS 0.3%CVE-2026-41277HIGHFlowise: Mass Assignment in DocumentStore Create Endpoint Leads to Cross-Workspace Object Takeover (IDOR)EPSS 0.3%CVE-2025-67645HIGHOpenEMR Vulnerable to Broken Access Control in Profile Edit EndpointEPSS 0.3%CVE-2026-40474HIGHwger has Broken Access Control in the Global Gym Configuration Update EndpointEPSS 0.3%CVE-2025-8171MEDIUMcode-projects Document Management System insert.php unrestricted uploadEPSS 0.3%CVE-2025-37136MEDIUMAuthenticated Arbitrary File Deletion Vulnerabilities in AOS-8 Controller/Mobility Conductor Command Line Interface (CLI)EPSS 0.3%CVE-2025-37135MEDIUMAuthenticated Arbitrary File Deletion Vulnerabilities in AOS-8 Controller/Mobility Conductor Command Line Interface (CLI)EPSS 0.3%CVE-2025-20153MEDIUMCisco ESA mail BypassEPSS 0.3%CVE-2024-56335HIGHPrivilege escalation allows organization groups to be updated/deleted if their UUID is known in vaultwardenEPSS 0.3%CVE-2026-1813MEDIUMbolo-blog bolo-solo FreeMarker Template PicUploadProcessor.java unrestricted uploadEPSS 0.3%CVE-2025-37125HIGHBroken access control vulnerability in Firewall Configuration Leads to Unauthorized Access to Internal Network ResourcesEPSS 0.3%