Weaknesses of type CWE-284
4,457 resultsCVE-2021-33162HIGHImproper access control in some Intel(R) Ethernet Adapters and Intel(R) Ethernet Controller I225 Manageability firmware may allow an authentEPSS 0.2%CVE-2026-10152MEDIUMTaleLin lin-cms-spring-boot book Endpoint BookController.java access controlEPSS 0.2%CVE-2026-5181MEDIUMSourceCodester Simple Doctors Appointment System ajax.php unrestricted uploadEPSS 0.2%CVE-2026-5670MEDIUMCyber-III Student-Management-System upload.php move_uploaded_file unrestricted uploadEPSS 0.2%CVE-2026-10172MEDIUMBdtask Multi-Store Inventory Management System Component Module.php upload unrestricted uploadEPSS 0.2%CVE-2025-15415MEDIUMxnx3 wangmarket XML File uploadImage.do uploadImage unrestricted uploadEPSS 0.2%CVE-2023-40071HIGHImproper access control in some Intel(R) GPA software installers before version 2023.3 may allow an authenticated user to potentially enableEPSS 0.2%CVE-2026-28381CRITICALLocal File Read/Write to Potential Privilege Escalation via Snowflake GET/PUTEPSS 0.2%CVE-2023-7025HIGHKylinSoft hedron-domain-hook DBus init_kcm access controlEPSS 0.2%CVE-2022-34457HIGH
Dell command configuration, version 4.8 and prior, contains improper folder permission when installed not to default path but to non-secureEPSS 0.2%CVE-2026-0977MEDIUMIBM CICS Transaction Gateway for Multiplatforms Information DisclosureEPSS 0.2%CVE-2026-48529MEDIUMGitHub MCP Server: Lockdown mode singleton in HTTP server causes cross-user GraphQL client confusionEPSS 0.2%CVE-2017-20233MEDIUMHirschmann HiLCOS Layer-2 Firewall Multicast Broadcast Traffic BypassEPSS 0.2%CVE-2026-39942HIGHDirectus has a Path Traversal and Broken Access Control in File Management APIEPSS 0.2%CVE-2024-1898LOWImproper access control in the notification feature in Devolutions Server 2023.3.14.0 and earlier allows a low privileged user to change notEPSS 0.2%CVE-2026-31150MEDIUMIncorrect access control in Kaleris YMS v7.2.2.1 allows authenticated attackers with only the shipping/receiving role to view the truck's daEPSS 0.2%CVE-2025-43414MEDIUMA permissions issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26EPSS 0.2%CVE-2026-32209MEDIUMWindows Filtering Platform (WFP) Security Feature Bypass VulnerabilityEPSS 0.2%CVE-2024-57336MEDIUMIncorrect access control in M2Soft CROWNIX Report & ERS affected v7.x to v7.4.3.599 and v8.x to v8.0.3.79 allows unauthorized attackers to oEPSS 0.2%CVE-2026-45266LOWNextcloud: Unauthorized force-mute from missing permission check when using internal signalingEPSS 0.2%