Weaknesses of type CWE-284
4,457 resultsCVE-2026-11135MEDIUMInsufficient policy enforcement in Autofill in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass discretionary accessEPSS 0.2%CVE-2023-39257HIGH
Dell Rugged Control Center, version prior to 4.7, contains an Improper Access Control vulnerability. A local malicious standard user could EPSS 0.2%CVE-2026-34312LOWVulnerability in the RDBMS component of Oracle Database Server. Supported versions that are affected are 19.3-19.30. Easily exploitable vulEPSS 0.2%CVE-2026-7107MEDIUMcode-projects Invoice System in Laravel company unrestricted uploadEPSS 0.2%CVE-2023-22293HIGHImproper access control in the Intel(R) Thunderbolt(TM) DCH drivers for Windows may allow an authenticated user to potentially enable escalaEPSS 0.2%CVE-2026-7043MEDIUMGreenCMS index.php pluginAddLocal unrestricted uploadEPSS 0.2%CVE-2026-49938MEDIUMA improper access control vulnerability in Fortinet FortiPortal 7.4.0 through 7.4.7, FortiPortal 7.2.0 through 7.2.8, FortiPortal 7.0 all veEPSS 0.2%CVE-2026-7044MEDIUMGreenCMS index.php themeadd unrestricted uploadEPSS 0.2%CVE-2022-20732HIGHCisco Virtualized Infrastructure Manager Privilege Escalation VulnerabilityEPSS 0.2%CVE-2026-55119HIGHA malicious actor with access to the network and low privileges could exploit an Improper Access Control vulnerability found in UniFi Talk AEPSS 0.2%CVE-2026-4505MEDIUMeosphoros-ai DB-GPT FastAPI Endpoint controller.py module_plugin.refresh_plugins unrestricted uploadEPSS 0.2%CVE-2026-8127MEDIUMeladmin Users API Endpoint UserController.java checkLevel access controlEPSS 0.2%CVE-2026-9412MEDIUMSourceCodester Indian Invoicing System Backend Endpoint access controlEPSS 0.2%CVE-2023-39256HIGH
Dell Rugged Control Center, version prior to 4.7, contains an improper access control vulnerability. A local malicious standard user could EPSS 0.2%CVE-2026-11078MEDIUMInappropriate implementation in FileSystem in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the rendereEPSS 0.2%CVE-2026-28803MEDIUMOpen Forms possible to view submission details of other people than intendedEPSS 0.2%CVE-2026-5780HIGHMultiple vulnerabilities in MphRx's MinervaEPSS 0.2%CVE-2026-11197MEDIUMInsufficient policy enforcement in Workers in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the rendereEPSS 0.2%CVE-2025-31268MEDIUMA permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26EPSS 0.2%CVE-2025-32992HIGHThermo Fisher Scientific ePort through 3.0.0 has Incorrect Access Control.EPSS 0.2%