Weaknesses of type CWE-284
4,453 resultsCVE-2026-33377HIGHDashboard Import Overwrites ACL — Editor Privilege Escalation to Dashboard AdminEPSS 0.2%CVE-2024-32940MEDIUMImproper access control in Intel(R) RAID Web Console software for all versions may allow an authenticated user to potentially enable denial EPSS 0.2%CVE-2023-50440MEDIUMZED containers produced by PRIMX ZED! for Windows before Q.2020.3 (ANSSI qualification submission); ZED! for Windows before Q.2021.2 (ANSSI EPSS 0.2%CVE-2018-10500—This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Galaxy Apps Fixed in version 6.4.0.1EPSS 0.2%CVE-2022-27838HIGHImproper access control vulnerability in FactoryCamera prior to version 2.1.96 allows attacker to access the file with system privilege.EPSS 0.2%CVE-2025-30732MEDIUMVulnerability in the Oracle Application Object Library product of Oracle E-Business Suite (component: Core). Supported versions that are afEPSS 0.2%CVE-2021-25349MEDIUMUsing unsafe PendingIntent in Slow Motion Editor prior to version 3.5.18.5 allows local attackers unauthorized action without permission viaEPSS 0.2%CVE-2021-25439—Improper access control vulnerability in Samsung Members prior to versions 2.4.85.11 in Android O(8.1) and below, and 3.9.10.11 in Android PEPSS 0.2%CVE-2025-14052MEDIUMyoulaitech youlai-mall members getMemberById access controlEPSS 0.2%CVE-2024-47481MEDIUMDell Data Lakehouse, version(s) 1.0.0.0, 1.1.0., contain(s) an Improper Access Control vulnerability. An unauthenticated attacker with adjacEPSS 0.2%CVE-2025-57758MEDIUMContao has improper access control in the back end votersEPSS 0.2%CVE-2021-42808MEDIUMThe Sentinel Protection Installer 7.7.0 creates files and directory with all privileges granting any user full permissions.EPSS 0.2%CVE-2024-53542MEDIUMIncorrect access control in the component /iclock/Settings?restartNCS=1 of NovaCHRON Zeitsysteme GmbH & Co. KG Smart Time Plus v8.x to v8.6 EPSS 0.2%CVE-2026-7696MEDIUMAcrel Electrical EEMS Enterprise Power Operation and Maintenance Cloud Platform uploadH5Files unrestricted uploadEPSS 0.2%CVE-2024-30148MEDIUMHCL Leap is affected by improper access controlEPSS 0.2%CVE-2024-21248MEDIUMVulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are PrioEPSS 0.2%CVE-2024-33260MEDIUMJerryscript commit cefd391 was discovered to contain a segmentation violation via the component parser_parse_class at jerry-core/parser/js/jEPSS 0.2%CVE-2025-53061MEDIUMVulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: PIA Core Technology). Supported versions thEPSS 0.2%CVE-2024-36247MEDIUMImproper access control in Intel(R) RAID Web Console all versions may allow an authenticated user to potentially enable denial of service viEPSS 0.2%CVE-2025-64483MEDIUMWazuh API – Agent Configuration Has Improper Access Control in Agent Enrollment EndpointEPSS 0.2%