Weaknesses of type CWE-284

4,457 results
CVE-2024-57336MEDIUMIncorrect access control in M2Soft CROWNIX Report & ERS affected v7.x to v7.4.3.599 and v8.x to v8.0.3.79 allows unauthorized attackers to oEPSS 0.2%CVE-2025-43270HIGHAn access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS VeEPSS 0.2%CVE-2026-25702HIGHnftables disabled due to incorrect kernel backportEPSS 0.2%CVE-2025-15152MEDIUMh-moses moga-mall PmsProductController.java addProduct unrestricted uploadEPSS 0.2%CVE-2024-37386MEDIUMAn issue was discovered in Stormshield Network Security (SNS) 4.0.0 through 4.3.25, 4.4.0 through 4.7.5, and 4.8.0. Certain manipulations alEPSS 0.2%CVE-2024-38310MEDIUMImproper access control in some Intel(R) Graphics Driver software installers may allow an authenticated user to potentially enable escalatioEPSS 0.2%CVE-2026-2850MEDIUMyeqifu warehouse Customer Endpoint CustomerController.java deleteCustomer access controlEPSS 0.2%CVE-2023-22014HIGHVulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Portal). Supported versions that are affectEPSS 0.2%CVE-2025-43291MEDIUMA permissions issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS TahoeEPSS 0.2%CVE-2026-34324MEDIUMVulnerability in the Oracle Life Sciences InForm product of Oracle Life Science Applications (component: App Server). Supported versions thEPSS 0.2%CVE-2026-21997HIGHVulnerability in the Oracle Life Sciences Empirica Signal product of Oracle Life Science Applications (component: Common Core). Supported vEPSS 0.2%CVE-2025-24887MEDIUMOpenCTI bypass of protected attribute updateEPSS 0.2%CVE-2022-20732HIGHCisco Virtualized Infrastructure Manager Privilege Escalation VulnerabilityEPSS 0.2%CVE-2026-8127MEDIUMeladmin Users API Endpoint UserController.java checkLevel access controlEPSS 0.2%CVE-2026-9412MEDIUMSourceCodester Indian Invoicing System Backend Endpoint access controlEPSS 0.2%CVE-2026-5780HIGHMultiple vulnerabilities in MphRx's MinervaEPSS 0.2%CVE-2026-4514MEDIUMPbootCMS Backend UserController.php access controlEPSS 0.2%CVE-2026-7107MEDIUMcode-projects Invoice System in Laravel company unrestricted uploadEPSS 0.2%CVE-2026-11258MEDIUMInappropriate implementation in File System Access in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user toEPSS 0.2%CVE-2026-4505MEDIUMeosphoros-ai DB-GPT FastAPI Endpoint controller.py module_plugin.refresh_plugins unrestricted uploadEPSS 0.2%