Weaknesses of type CWE-284
4,457 resultsCVE-2026-43701HIGHThe issue was addressed with improved checks. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. A maliEPSS 0.2%CVE-2022-35276HIGHImproper access control in BIOS firmware for some Intel(R) NUC 8 Compute Elements before version CBWHL357.0096 may allow a privileged user tEPSS 0.2%CVE-2026-56257HIGHCapgo - Authorization Bypass in App Ownership Transfer via Direct PostgREST UpdateEPSS 0.2%CVE-2025-3082LOWUser may override a view's collation and gain unauthorized access to underlying dataEPSS 0.2%CVE-2024-39797MEDIUMImproper access control in some drivers for Intel(R) Ethernet Connection I219 Series before version 12.19.1.39 may allow an authenticated usEPSS 0.2%CVE-2025-65841MEDIUMAquarius Desktop 3.0.069 for macOS stores user authentication credentials in the local file ~/Library/Application Support/Aquarius/aquarius.EPSS 0.2%CVE-2024-3746MEDIUMMeasuresoft ScadaPro Improper Access ControlEPSS 0.2%CVE-2025-65097HIGHInsecure Direct Object Reference (IDOR) Allows Unauthorized Deletion of User CollectionsEPSS 0.2%CVE-2023-35062MEDIUMImproper access control in some Intel(R) DSA software before version 23.4.33 may allow a privileged user to potentially enable escalation ofEPSS 0.2%CVE-2026-43934MEDIUMe107: Broken Access Control in e107 comment edit allows cross-user comment modificationEPSS 0.2%CVE-2026-41487MEDIUMLangfuse: Improper role-based-access control in Langfuse LLM connection management allowed users of role “member” to retrieve stored LLM provider API keysEPSS 0.2%CVE-2025-36636MEDIUMImproper Access ControlEPSS 0.2%CVE-2025-43340HIGHA permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26. An app may be able to break out of itEPSS 0.2%CVE-2024-39934HIGHRobotmk before 2.0.1 allows a local user to escalate privileges (e.g., to SYSTEM) if automated Python environment setup is enabled, because EPSS 0.2%CVE-2025-43477MEDIUMA privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sequoia 15.7.2, macOS SonomEPSS 0.2%CVE-2023-29113MEDIUMA lack of access control in custom IPC mechanismEPSS 0.2%CVE-2025-30729MEDIUMVulnerability in the Oracle Communications Order and Service Management product of Oracle Communications Applications (component: Security).EPSS 0.2%CVE-2025-43396MEDIUMA logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. A sandEPSS 0.2%CVE-2026-7021MEDIUMSmythOS sre Connector Service utils.ts information disclosureEPSS 0.2%CVE-2026-34284MEDIUMVulnerability in the Oracle Business Process Management Suite product of Oracle Fusion Middleware (component: Human workflow 11g+). SupportEPSS 0.2%