Weaknesses of type CWE-284

4,443 results
CVE-2023-1453MEDIUMWatchdog Anti-Virus IoControlCode wsdk-driver.sys 0x80002008 access controlEPSS 0.3%CVE-2025-11281LOWFrappe LMS Unpublished Course courses access controlEPSS 0.3%CVE-2025-61114HIGH2nd Line Android App version v1.2.92 and before (package name com.mysecondline.app), developed by AutoBizLine, Inc., contains an improper acEPSS 0.3%CVE-2025-46331MEDIUMOpenFGA Authorization BypassEPSS 0.3%CVE-2025-61117HIGHSenza: Keto & Fasting Android App version 2.10.15 (package name com.gl.senza), developed by Paul Itoi, contains an improper access control vEPSS 0.3%CVE-2025-61116HIGHAdForest - Classified Android App version 4.0.12 (package name scriptsbundle.adforest), developed by Muhammad Jawad Arshad, contains an imprEPSS 0.3%CVE-2020-35546CRITICALLexmark MX6500 LW75.JD.P296 and previous devices have Incorrect Access Control via the access control settings.EPSS 0.3%CVE-2024-9503MEDIUMMaintenance & Coming Soon Redirect Animation <= 2.1.3 - Missing Authorization to Settings UpdateEPSS 0.3%CVE-2025-47179MEDIUMConfiguration Manager Elevation of Privilege VulnerabilityEPSS 0.3%CVE-2026-30140HIGHAn incorrect access control vulnerability exists in Tenda W15E V02.03.01.26_cn. An unauthenticated attacker can access the /cgi-bin/DownloadEPSS 0.3%CVE-2025-12297MEDIUMatjiu pybbs UserApiController.java information disclosureEPSS 0.3%CVE-2025-30735HIGHVulnerability in the PeopleSoft Enterprise CC Common Application Objects product of Oracle PeopleSoft (component: Page and Field ConfiguratiEPSS 0.3%CVE-2025-1259HIGHOn affected platforms running Arista EOS with OpenConfig configured, a gNOI request can be run when it should have been rejected.EPSS 0.3%CVE-2026-26145MEDIUMMicrosoft Azure Synapse Elevation of Privilege VulnerabilityEPSS 0.3%CVE-2025-25734MEDIUMKapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs) v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 was discovered to contain an uEPSS 0.3%CVE-2026-46808HIGHVulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component: Content Server). The supported version that EPSS 0.3%CVE-2023-46033D-Link (Non-US) DSL-2750U N300 ADSL2+ and (Non-US) DSL-2730U N150 ADSL2+ are vulnerable to Incorrect Access Control. The UART/Serial interfaEPSS 0.3%CVE-2026-50891HIGHIncorrect access control in the /admin/api/config component of Filestash v0.4.0 allows attackers to escalate privileges via sending a crafteEPSS 0.3%CVE-2025-6900MEDIUMcode-projects Library System add-book.php unrestricted uploadEPSS 0.3%CVE-2024-43409MEDIUMGhost's improper authentication allows access to member information and actionsEPSS 0.3%