Weaknesses of type CWE-284

4,457 results
CVE-2024-54559MEDIUMThe issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.2. An app may be able to access sensitive user data.EPSS 0.2%CVE-2021-43986MEDIUMICSA-22-109-03 FANUC ROBOGUIDE Simulation PlatformEPSS 0.2%CVE-2026-11190MEDIUMInappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malEPSS 0.2%CVE-2025-20076LOWImproper access control for some Edge Orchestrator software for Intel(R) Tiber™ Edge Platform may allow an unauthenticated user to potentialEPSS 0.2%CVE-2023-42957LOWA permissions issue was addressed with additional restrictions. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14, watchOS 10. AnEPSS 0.2%CVE-2024-54565MEDIUMThe issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.2. An app may be able to access sensitive user data.EPSS 0.2%CVE-2022-38388MEDIUMIBM Navigator Mobile Android 3.4.1.1 and 3.4.1.2 app could allow a local user to obtain sensitive information due to improper access controlEPSS 0.2%CVE-2026-35244MEDIUMVulnerability in the Oracle Hyperion Infrastructure Technology product of Oracle Hyperion (component: Lifecycle Management). The supportedEPSS 0.2%CVE-2023-20579MEDIUMImproper Access Control in the AMD SPI protection feature may allow a user with Ring0 (kernel mode) privileged access to bypass protections EPSS 0.2%CVE-2024-41605HIGHIn Foxit PDF Reader before 2024.3, and PDF Editor before 2024.3 and 13.x before 13.1.4, an attacker can replace an update file with a TrojanEPSS 0.2%CVE-2023-43079HIGH Dell OpenManage Server Administrator, versions 11.0.0.0 and prior, contains an Improper Access Control vulnerability. A local low-privilegeEPSS 0.2%CVE-2022-41769MEDIUMImproper access control in the Intel(R) Connect M Android application before version 1.82 may allow an authenticated user to potentially enaEPSS 0.2%CVE-2023-3039HIGH SD ROM Utility, versions prior to 1.0.2.0 contain an Improper Access Control vulnerability. A low-privileged malicious user may potentiallyEPSS 0.2%CVE-2025-61761MEDIUMVulnerability in the PeopleSoft Enterprise FIN Maintenance Management product of Oracle PeopleSoft (component: Work Order Management). TheEPSS 0.2%CVE-2024-36488MEDIUMImproper Access Control in some Intel(R) DSA before version 24.3.26.8 may allow an authenticated user to potentially enable escalation of prEPSS 0.2%CVE-2023-43487MEDIUMImproper access control in some Intel(R) CST before version 2.1.10300 may allow an authenticated user to potentially enable denial of servicEPSS 0.2%CVE-2026-3940MEDIUMInsufficient policy enforcement in DevTools in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass navigation restrictiEPSS 0.2%CVE-2026-5171MEDIUMImproper access control in the entry activity log feature in Devolutions Server allows an authenticated user with access to an entry but witEPSS 0.2%CVE-2024-54556LOWThis issue was addressed through improved state management. This issue is fixed in iOS 18.1 and iPadOS 18.1. A user may be able to view restEPSS 0.2%CVE-2025-69284MEDIUMIn plane.io, a Guest User to a Workspace can still be able to see list of membersEPSS 0.2%