Weaknesses of type CWE-284
4,443 resultsCVE-2025-30141HIGHAn issue was discovered on G-Net Dashcam BB GONX devices. One can Remotely Dump Video Footage and the Live Video Stream. It exposes API endpEPSS 0.3%CVE-2020-11931LOWUbuntu modifications to pulseaudio to provide snap security enforcement could be unloadedEPSS 0.3%CVE-2026-48204CRITICALApache Camel: Camel-MongoDB-GridFS: The gridfs.* control headers used non-Camel-prefixed names that bypass the HTTP header filter, allowing an HTTP client to switch the GridFS operation - including destructive file deletion - in the default configurationEPSS 0.3%CVE-2025-43027CRITICALA critical severity vulnerability has been identified in the ALPR Manager role of Security Center that could allow attackers to gain adminisEPSS 0.3%CVE-2022-39877MEDIUMImproper access control vulnerability in ProfileSharingAccount in Group Sharing prior to versions 13.0.6.15 in Android S(12), 13.0.6.14 in AEPSS 0.3%CVE-2025-46889MEDIUMAdobe Experience Manager | Improper Access Control (CWE-284)EPSS 0.3%CVE-2023-4640MEDIUMSet Logging Level Without AuthenticationEPSS 0.3%CVE-2025-29270CRITICALIncorrect access control in the realtime.cgi endpoint of Deep Sea Electronics devices DSE855 v1.1.0 to v1.1.26 allows attackers to gain acceEPSS 0.3%CVE-2026-30707HIGHAn issue was discovered in SpeedExam Online Examination System (SaaS) after v.FEV2026. It allows Broken Access Control via the ReviewAnswerDEPSS 0.3%CVE-2024-30107LOWHCL Connections is vulnerable to broken access controlEPSS 0.3%CVE-2024-4263MEDIUMImproper Access Control in mlflow/mlflowEPSS 0.3%CVE-2024-24487MEDIUMAn issue discovered in silex technology DS-600 Firmware v.1.4.1 allows a remote attacker to cause a denial of service via crafted UDP packetEPSS 0.3%CVE-2024-5470LOWImproper Access Control in GitLabEPSS 0.3%CVE-2024-40547MEDIUMPublicCMS v4.0.202302.e was discovered to contain an arbitrary file content replacement vulnerability via the component /admin/cmsTemplate/rEPSS 0.3%CVE-2025-10085MEDIUMSourceCodester Pet Grooming Management Software manage_website.php unrestricted uploadEPSS 0.3%CVE-2026-30855HIGHWeKnora: Broken Access Control in Tenant ManagementEPSS 0.3%CVE-2025-23329HIGHNVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause memory corruption by identifyingEPSS 0.3%CVE-2025-10615MEDIUMitsourcecode E-Commerce Website products.php unrestricted uploadEPSS 0.3%CVE-2026-30140HIGHAn incorrect access control vulnerability exists in Tenda W15E V02.03.01.26_cn. An unauthenticated attacker can access the /cgi-bin/DownloadEPSS 0.3%CVE-2024-9503MEDIUMMaintenance & Coming Soon Redirect Animation <= 2.1.3 - Missing Authorization to Settings UpdateEPSS 0.3%