Weaknesses of type CWE-284

4,453 results
CVE-2024-21248MEDIUMVulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are PrioEPSS 0.2%CVE-2026-1126MEDIUMlwj flow SVG File FormResource.java uploadFile unrestricted uploadEPSS 0.2%CVE-2024-36261LOWImproper access control in Intel(R) RAID Web Console software all versions may allow an authenticated user to potentially enable denial of sEPSS 0.2%CVE-2026-7696MEDIUMAcrel Electrical EEMS Enterprise Power Operation and Maintenance Cloud Platform uploadH5Files unrestricted uploadEPSS 0.2%CVE-2026-49824HIGHFission: Cross-namespace Environment reference via unvalidated EnvironmentRef in Function admission webhookEPSS 0.2%CVE-2025-8764MEDIUMlinlinjava litemall upload unrestricted uploadEPSS 0.2%CVE-2024-40825MEDIUMThe issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15, visionOS 2. A malicious app with root privileges may EPSS 0.2%CVE-2024-2447MEDIUMMattermost versions 8.1.x before 8.1.11, 9.3.x before 9.3.3, 9.4.x before 9.4.4, and 9.5.x before 9.5.2 fail to authenticate the source of cEPSS 0.2%CVE-2026-4875MEDIUMitsourcecode Free Hotel Reservation System index.php unrestricted uploadEPSS 0.2%CVE-2025-62393MEDIUMMoodle: course access permissions not properly checked in course_output_fragment_course_overviewEPSS 0.2%CVE-2024-21483MEDIUMA vulnerability has been identified in SENTRON 7KM PAC3120 AC/DC (7KM3120-0BA01-1DA0) (All versions >= V3.2.3 < V3.2.4 only when manufactureEPSS 0.2%CVE-2024-42795MEDIUMAn Incorrect Access Control vulnerability was found in /music/view_user.php?id=3 and /music/controller.php?page=edit_user&id=3 in Kashipara EPSS 0.2%CVE-2026-6650MEDIUMZ-BlogPHP ZBA File app_upload.php UnPack unrestricted uploadEPSS 0.2%CVE-2026-1445MEDIUMiJason-Liu Books_Manager upload_bookCover.php unrestricted uploadEPSS 0.2%CVE-2023-23508MEDIUMThe issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.7.3, macOS Ventura 13.2, macOS Monterey 12.6.EPSS 0.2%CVE-2026-7673MEDIUMcrmeb_java Admin Upload UploadServiceImpl.java unrestricted uploadEPSS 0.2%CVE-2025-65795HIGHIncorrect access control in the /api/v1/user endpoint of usememos memos v0.25.2 allows unauthorized attackers to create arbitrary accounts vEPSS 0.2%CVE-2022-21825An Improper Access Control vulnerability exists in Citrix Workspace App for Linux 2012 - 2111 with App Protection installed that can allow aEPSS 0.2%CVE-2021-1583MEDIUMCisco Nexus 9000 Series Fabric Switches ACI Mode Arbitrary File Read VulnerabilityEPSS 0.2%CVE-2025-57219MEDIUMIncorrect access control in the endpoint /goform/ate of Tenda AC10 v4.0 firmware v16.03.10.09_multi_TDE01 allows attackers to escalate priviEPSS 0.2%