Weaknesses of type CWE-284

4,457 results
CVE-2026-29077HIGHFrappe: Broken Access Control in DocShareEPSS 0.2%CVE-2024-36438HIGHeLinkSmart Hidden Smart Cabinet Lock 2024-05-22 has Incorrect Access Control and fails to perform an authorization check which can lead to cEPSS 0.2%CVE-2026-22605MEDIUMOpenProject is Vulnerable to Insecure Direct Object Reference in MeetingsEPSS 0.2%CVE-2026-22014LOWVulnerability in the Oracle User Management product of Oracle E-Business Suite (component: Workflow and Business Events). Supported versionEPSS 0.2%CVE-2023-28907MEDIUMA lack of access restrictions on internal memory regionsEPSS 0.2%CVE-2023-23573MEDIUMImproper access control in the Intel(R) Unite(R) android application before Release 17 may allow a privileged user to potentially enable infEPSS 0.2%CVE-2026-45284MEDIUMNextcloud: Wrong condition in the User OIDC app's LdapService allowed deleted LDAP users to authenticateEPSS 0.2%CVE-2026-56334MEDIUMCapgo - Missing UPDATE RLS Policy for Build Status PersistenceEPSS 0.2%CVE-2026-50132HIGHBudibase: Chat Identity Link Hijacking via Missing Consent & CSRF — Account Impersonation in BudibaseEPSS 0.2%CVE-2023-42540MEDIUMImproper access control vulnerability in Samsung Account prior to version 14.5.01.1 allows attackers to access sensitive information via impEPSS 0.2%CVE-2022-36441HIGHAn issue was discovered in Zebra Enterprise Home Screen 4.1.19. The Gboard used by different applications can be used to launch and use seveEPSS 0.2%CVE-2025-55012HIGHZed AI Agent Remote Code ExecutionEPSS 0.2%CVE-2022-36875MEDIUMImproper restriction of broadcasting Intent in SaWebViewRelayActivity of?Waterplugin prior to version 2.2.11.22081151 allows attacker to accEPSS 0.2%CVE-2024-47975HIGHImproper access control validation in firmware of some Solidigm DC Products may allow an attacker with physical access to gain unauthorized EPSS 0.2%CVE-2025-52166MEDIUMIncorrect access control in Software GmbH Agorum core open v11.9.2 & v11.10.1 allows authenticated attackers to escalate privileges to AdminEPSS 0.2%CVE-2026-41837MEDIUMSpring Data REST Querydsl integration exposes Jackson-hidden persistent fields as filter keysEPSS 0.2%CVE-2023-32647MEDIUMImproper access control in some Intel(R) XTU software before version 7.12.0.29 may allow an authenticated user to potentially enable escalatEPSS 0.2%CVE-2023-39259HIGH Dell OS Recovery Tool, versions 2.2.4013, 2.3.7012.0, and 2.3.7515.0 contain an Improper Access Control Vulnerability. A local authenticateEPSS 0.2%CVE-2022-36442MEDIUMAn issue was discovered in Zebra Enterprise Home Screen 4.1.19. By using the embedded Google Chrome application, it is possible to install aEPSS 0.2%CVE-2022-21816MEDIUMNVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (nvidia.ko), where a user in the guest OS can cause a GPU interruptEPSS 0.2%