Weaknesses of type CWE-284

4,457 results
CVE-2023-25073MEDIUMImproper access control in some Intel(R) DSA software before version 23.4.33 may allow an authenticated user to potentially enable denial ofEPSS 0.2%CVE-2025-43407HIGHThis issue was addressed with improved entitlements. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS SeEPSS 0.2%CVE-2023-40161MEDIUMImproper access control in some Intel Unite(R) Client software before version 4.2.35041 may allow an authenticated user to potentially enablEPSS 0.2%CVE-2023-47859MEDIUMImproper access control for some Intel(R) Wireless Bluetooth products for Windows before version 23.20 may allow an authenticated user to poEPSS 0.2%CVE-2023-37194MEDIUMA vulnerability has been identified in SIMATIC CP 1604 (All versions), SIMATIC CP 1616 (All versions), SIMATIC CP 1623 (All versions), SIMATEPSS 0.2%CVE-2021-1113MEDIUMNVIDIA camera firmware contains a difficult to exploit vulnerability where a highly privileged attacker can cause unauthorized modification EPSS 0.2%CVE-2026-46842MEDIUMVulnerability in Oracle REST Data Services (component: Core). Supported versions that are affected are 24.2.0-26.1.0. Easily exploitable vuEPSS 0.2%CVE-2025-61762MEDIUMVulnerability in the PeopleSoft Enterprise FIN Payables product of Oracle PeopleSoft (component: Payables). The supported version that is EPSS 0.2%CVE-2025-43325MEDIUMAn access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Tahoe 26. An app may be able to access sensEPSS 0.2%CVE-2025-43207MEDIUMThis issue was addressed with improved entitlements. This issue is fixed in macOS Tahoe 26. An app may be able to access user-sensitive dataEPSS 0.2%CVE-2023-24481MEDIUMImproper access control in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version 88 may allow an authenticated user to potentEPSS 0.2%CVE-2026-3932MEDIUMInsufficient policy enforcement in PDF in Google Chrome on Android prior to 146.0.7680.71 allowed a remote attacker to bypass navigation resEPSS 0.2%CVE-2026-35066HIGHDell PowerFlex Manager, version(s) prior to 5.1.0.1, contain(s) an Improper Access Control vulnerability. A low privileged attacker with remEPSS 0.2%CVE-2022-36374HIGHImproper access control in some Intel(R) Aptio* V UEFI Firmware Integrator Tools before version iDmi Windows 5.27.03.0003 may allow a privilEPSS 0.2%CVE-2025-31270MEDIUMA permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26. An app may be able to access protecteEPSS 0.2%CVE-2025-43208MEDIUMA permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26. An app may be able to read sensitive EPSS 0.2%CVE-2023-26585MEDIUMImproper access control in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version 88 may allow an authenticated user to potentEPSS 0.2%CVE-2026-8566MEDIUMInsufficient policy enforcement in Payments in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker to bypass discretiEPSS 0.2%CVE-2023-43089MEDIUM Dell Rugged Control Center, version prior to 4.7, contains insufficient protection for the Policy folder. A local malicious standard user cEPSS 0.2%CVE-2026-56257HIGHCapgo - Authorization Bypass in App Ownership Transfer via Direct PostgREST UpdateEPSS 0.2%