Weaknesses of type CWE-284

4,445 results
CVE-2022-26389HIGHImproper Access Control Vulnerability in ELI Electrocardiograph DevicesEPSS 0.3%CVE-2026-53520MEDIUMNezha Monitoring: Authenticated users can claim the dashboard Host through NAT and preempt all dashboard routingEPSS 0.3%CVE-2019-9529The web application portal of the Cobham EXPLORER 710, firmware version 1.07, has no authentication by defaultEPSS 0.3%CVE-2026-50875HIGHIncorrect access control in the /{form}/webhooks/{webhook} endpoint of Deck9 Input v2.0.1 allows authenticated attackers to arbitrarily modiEPSS 0.3%CVE-2026-1749MEDIUMThere is an Access Control Vulnerability in some HikCentral Professional versions. This could allow an unauthenticated user to obtain the adEPSS 0.3%CVE-2025-69220HIGHLibreChat has Insufficient Access Control for Agent FilesEPSS 0.3%CVE-2024-5272MEDIUMRun Details leak to guest via webhook event "custom_playbooks_playbook_run_updated"EPSS 0.3%CVE-2025-44526MEDIUMRealtek RTL8762EKF-EVB RTL8762E SDK V1.4.0 was discovered to utilize insufficient permission checks on critical fields within Bluetooth Low EPSS 0.3%CVE-2022-3027MEDIUMContec Health CMS8000EPSS 0.3%CVE-2024-27891MEDIUMOn affected platforms running Arista EOS with MACsec and egress ACLs configured on the same interfaces, the ACL policies may not be enforced for packets egressing on those ports.EPSS 0.3%CVE-2025-29973HIGHMicrosoft Azure File Sync Elevation of Privilege VulnerabilityEPSS 0.3%CVE-2026-20622HIGHA privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sequoia 15.7.4, macOS Tahoe 26.3. An aEPSS 0.3%CVE-2026-31192MEDIUMInsufficient validation of Chrome extension identifiers in Raindrop.io Bookmark Manager Web App 5.6.76.0 allows attackers to obtain sensitivEPSS 0.3%CVE-2025-55795LOWThe openml/openml.org web application version v2.0.20241110 uses incremental user IDs and insufficient email ownership verification during eEPSS 0.3%CVE-2025-43947HIGHCodemers KLIMS 1.6.DEV lacks a proper access control mechanism, allowing a normal KLIMS user to perform all the actions that an admin can peEPSS 0.3%CVE-2026-28855HIGHA permissions issue was addressed with additional restrictions. This issue is fixed in iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3. An app maEPSS 0.3%CVE-2025-20131MEDIUMCisco Identity Services Engine Arbitrary File Upload VulnerabilityEPSS 0.3%CVE-2024-2749MEDIUMVikBooking < 1.6.8 - Broken Access ControlEPSS 0.3%CVE-2026-34233MEDIUMCtrlPanel has Missing Authentication Checks in Datatable Admin EndpointsEPSS 0.3%CVE-2025-63423HIGHEach Italy Wireless Mini Router WIRELESS-N 300M v28K.MiniRouter.20190211 was discovered to store the Administrator password.EPSS 0.3%