Weaknesses of type CWE-284
4,444 resultsCVE-2024-13635MEDIUMVK Blocks <= 1.94.2.2 - Missing Authorization to Sensitive Information ExposureEPSS 0.3%CVE-2026-45654HIGHSecure Boot Security Feature Bypass VulnerabilityEPSS 0.3%CVE-2025-45609HIGHIncorrect access control in the doFilter function of kob latest v1.0.0-SNAPSHOT allows attackers to access sensitive information via a craftEPSS 0.3%CVE-2026-0577MEDIUMcode-projects Online Product Reservation System prod.php unrestricted uploadEPSS 0.3%CVE-2024-20938MEDIUMVulnerability in the Oracle iStore product of Oracle E-Business Suite (component: ECC). Supported versions that are affected are 12.2.3-12.EPSS 0.3%CVE-2026-2075MEDIUMyeqifu warehouse Role-Permission Binding RoleController.java saveRolePermission access controlEPSS 0.3%CVE-2023-31346MEDIUMFailure to initialize
memory in SEV Firmware may allow a privileged attacker to access stale data
from other guests.
EPSS 0.3%CVE-2025-45608HIGHIncorrect access control in the /system/user/findUserList API of Xinguan v0.0.1-SNAPSHOT allows attackers to access sensitive information viEPSS 0.3%CVE-2026-4220MEDIUMTechnologies Integrated Management Platform SetWebpagePic.jsp unrestricted uploadEPSS 0.3%CVE-2025-45614HIGHIncorrect access control in the component /api/user/manager of One v1.0 allows attackers to access sensitive information via a crafted payloEPSS 0.3%CVE-2024-20936MEDIUMVulnerability in the Oracle One-to-One Fulfillment product of Oracle E-Business Suite (component: Documents). Supported versions that are aEPSS 0.3%CVE-2024-6727MEDIUMBroken Access Control in DelphixEPSS 0.3%CVE-2023-23908MEDIUMImproper access control in some 3rd Generation Intel(R) Xeon(R) Scalable processors may allow a privileged user to potentially enable informEPSS 0.3%CVE-2025-8128MEDIUMzhousg letao product.js unrestricted uploadEPSS 0.3%CVE-2025-23164MEDIUMA misconfigured access token mechanism in the Unifi Protect Application (Version 5.3.41 and earlier) could permit the recipient of a "Share EPSS 0.3%CVE-2025-1881MEDIUMi-Drive i11/i12 Video Footage/Live Video Stream access controlEPSS 0.3%CVE-2026-23660HIGHWindows Admin Center in Azure Portal Elevation of Privilege VulnerabilityEPSS 0.3%CVE-2026-1181CRITICALAltium 365 Over-Permissive CORS Configuration Allows Credentialed Cross-Origin Workspace AccessEPSS 0.3%CVE-2025-6848MEDIUMcode-projects Simple Forum forum1.php unrestricted uploadEPSS 0.3%CVE-2026-46978CRITICALVulnerability in the Oracle Solaris product of Oracle Systems (component: Remote Administration Daemon). The supported version that is affEPSS 0.3%