Weaknesses of type CWE-284

4,445 results
CVE-2026-41092HIGHMicrosoft Kinect Elevation of Privilege VulnerabilityEPSS 0.3%CVE-2025-60800HIGHIncorrect access control in the /jshERP-boot/user/info interface of jshERP up to commit 90c411a allows attackers to access sensitive informaEPSS 0.3%CVE-2022-39915LOWImproper access control vulnerability in Calendar prior to versions 11.6.08.0 in Android Q(10), 12.2.11.3000 in Android R(11), 12.3.07.2000 EPSS 0.3%CVE-2026-5576MEDIUMSourceCodester/jkev Record Management System Add Employee save_emp.php unrestricted uploadEPSS 0.3%CVE-2026-9580MEDIUMJeecgBoot selectDepart LoginController.selectDepart access controlEPSS 0.3%CVE-2026-54407HIGHA malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi Protect Application to byEPSS 0.3%CVE-2026-42829HIGHWindows Administrator Protection Secure Feature Bypass VulnerabilityEPSS 0.3%CVE-2026-46920HIGHVulnerability in the Siebel CRM Cloud Applications product of Oracle Siebel CRM (component: Siebel Cloud Manager). Supported versions that EPSS 0.3%CVE-2017-14031An Improper Access Control issue was discovered in Trihedral VTScada 11.3.03 and prior. A local, non-administrator user has privileges to reEPSS 0.3%CVE-2024-40812HIGHA logic issue was addressed with improved checks. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS MonteEPSS 0.3%CVE-2024-50353MEDIUMICG.AspNetCore.Utilities.CloudStorage's Secure Token Durations Different Than ExpectedEPSS 0.3%CVE-2023-24544HIGHImproper access control vulnerability in Buffalo network devices allows a network-adjacent attacker to obtain specific files of the product.EPSS 0.3%CVE-2026-26977MEDIUMFrappe Learning Management System exposes details of unpublished courses to unauthorized usersEPSS 0.3%CVE-2025-65780HIGHAn issue was discovered in Wekan The Open Source kanban board system up to version 18.15, fixed in 18.16. Authenticated users can update theEPSS 0.3%CVE-2026-24035MEDIUMHorilla has Improper Access Control Issue that Allows Unauthorized Document Upload on Behalf of Another EmployeeEPSS 0.3%CVE-2025-1115MEDIUMRT-Thread lwp_syscall.c sys_timer_settime information disclosureEPSS 0.3%CVE-2026-46695CRITICALBoxLite: Permission Bypass in boxlite Allows Modification of Read-Only FilesEPSS 0.3%CVE-2025-26138MEDIUMSystemic Risk Value <=2.8.0 is vulnerable to improper access control in /RiskValue/GroupingEntities/Controls/GetFile.aspx?ID=. Uploaded fileEPSS 0.3%CVE-2025-15050MEDIUMcode-projects Student File Management System save_file.php unrestricted uploadEPSS 0.3%CVE-2026-3543HIGHInappropriate implementation in V8 in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to potentially perform out of bounds mEPSS 0.3%