Weaknesses of type CWE-284

4,457 results
CVE-2026-1411MEDIUMBeetel 777VR1 UART access controlEPSS 0.2%CVE-2023-39253HIGH Dell OS Recovery Tool, versions 2.2.4013, 2.3.7012.0, and 2.3.7515.0 contain an Improper Access Control Vulnerability. A local authenticateEPSS 0.2%CVE-2026-21961MEDIUMVulnerability in the PeopleSoft Enterprise HCM Human Resources product of Oracle PeopleSoft (component: Company Dir / Org Chart Viewer, EmplEPSS 0.2%CVE-2026-45154LOWNextcloud: Improper Access Control in CollectivesEPSS 0.2%CVE-2023-31100HIGHImproper Access Control in SMI handler vulnerability in Phoenix SecureCore™ Technology™ 4 allows SPI flash modification. This issue affects EPSS 0.2%CVE-2023-21465MEDIUMImproper access control vulnerability in BixbyTouch prior to version 3.2.02.5 in China models allows untrusted applications access local filEPSS 0.2%CVE-2026-20259MEDIUMImproper Access Control in Splunk EnterpriseEPSS 0.2%CVE-2026-11257MEDIUMInappropriate implementation in Browser in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass navigation restrictions EPSS 0.2%CVE-2025-22844MEDIUMImproper access control for some Edge Orchestrator software for Intel(R) Tiber™ Edge Platform may allow an unauthenticated user to potentialEPSS 0.2%CVE-2023-33875HIGHImproper access control for some Intel(R) PROSet/Wireless and Intel(R) Killer(TM) Wi-Fi software before version 22.240 may allow an unauthenEPSS 0.2%CVE-2023-38561MEDIUMImproper access control in some Intel(R) XTU software before version 7.12.0.29 may allow an authenticated user to potentially enable escalatEPSS 0.2%CVE-2026-34082MEDIUMDify has IDOR in deleting someone else's chat conversationEPSS 0.2%CVE-2026-33415MEDIUMDiscourse: Improper Access Control in discourse-ai Allows Unauthorized Category Content ExposureEPSS 0.2%CVE-2023-27303LOWImproper access control in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version 88 may allow an authenticated user to potentEPSS 0.2%CVE-2022-30715MEDIUMImproper access control vulnerability in DofViewer prior to SMR Jun-2022 Release 1 allows attackers to control floating system alert window.EPSS 0.2%CVE-2026-2356MEDIUMUser Registration & Membership <= 5.1.2 - Insecure Direct Object Reference to Unauthenticated Limited User DeletionEPSS 0.2%CVE-2026-35241MEDIUMVulnerability in the PeopleSoft Enterprise CS Student Records product of Oracle PeopleSoft (component: Research Tracking). The supported vEPSS 0.2%CVE-2023-29157HIGHImproper access control in some Intel(R) OFU software before version 14.1.31 may allow an authenticated user to potentially enable escalatioEPSS 0.2%CVE-2026-3934MEDIUMInsufficient policy enforcement in ChromeDriver in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass same origin poliEPSS 0.2%CVE-2025-30690HIGHVulnerability in the Oracle Solaris product of Oracle Systems (component: Filesystem). The supported version that is affected is 11. DiffiEPSS 0.2%