Weaknesses of type CWE-284

4,457 results
CVE-2022-43702Incomplete verification of installation file signatureEPSS 0.2%CVE-2022-42465HIGHImproper access control in kernel mode driver for the Intel(R) OFU software before version 14.1.30 may allow a privileged user to potentiallEPSS 0.2%CVE-2026-46825MEDIUMVulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: VMSVGA device). The supported version that is affecEPSS 0.2%CVE-2026-35252MEDIUMVulnerability in the Oracle Security Service product of Oracle Fusion Middleware (component: C Oracle SSL API). Supported versions that areEPSS 0.2%CVE-2024-36505MEDIUMAn improper access control vulnerability [CWE-284] in FortiOS 7.4.0 through 7.4.3, 7.2.5 through 7.2.7, 7.0.12 through 7.0.14 and 6.4.x may EPSS 0.2%CVE-2026-27152LOWDIscourse has DM communication-preference bypass when adding membersEPSS 0.2%CVE-2022-39878MEDIUMImproper access control vulnerability in Samsung Checkout prior to version 5.0.55.3 allows attackers to access sensitive information via impEPSS 0.2%CVE-2022-37343HIGHImproper access control in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of prEPSS 0.2%CVE-2025-50072MEDIUMVulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected areEPSS 0.2%CVE-2025-65963MEDIUMCFiles Unauthorized Folder/ZIP Access in Public SpacesEPSS 0.2%CVE-2025-46288MEDIUMA permissions issue was addressed with additional restrictions. This issue is fixed in iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS EPSS 0.2%CVE-2023-22312HIGHImproper access control for some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via loEPSS 0.2%CVE-2022-32582MEDIUMImproper access control in firmware for some Intel(R) NUC Boards, Intel(R) NUC 11 Performance Kit, Intel(R) NUC 11 Performance Mini PC, InteEPSS 0.2%CVE-2025-65798MEDIUMIncorrect access control in usememos memos v0.25.2 allows attackers with low-level privileges to arbitrarily modify or delete attachments maEPSS 0.2%CVE-2021-22126MEDIUMA use of hard-coded password vulnerability in FortiWLC version 8.5.2 and below, version 8.4.8 and below, version 8.3.3 to 8.3.2, version 8.2EPSS 0.2%CVE-2023-32285MEDIUMImproper access control in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable denial of service via local accEPSS 0.2%CVE-2023-28066HIGH Dell OS Recovery Tool, versions 2.2.4013 and 2.3.7012.0, contain an Improper Access Control Vulnerability. A local authenticated non-adminiEPSS 0.2%CVE-2024-33673HIGHAn issue was discovered in Veritas Backup Exec before 22.2 HotFix 917391. Improper access controls allow for DLL Hijacking in the Windows DLEPSS 0.2%CVE-2024-47976MEDIUMImproper access removal handling in firmware of some Solidigm DC Products may allow an attacker with physical access to gain unauthorized acEPSS 0.2%CVE-2022-3182Improper Access Control vulnerability in the Duo SMS two-factor of Devolutions Remote Desktop Manager 2022.2.14 and earlier allows attackersEPSS 0.2%