Weaknesses of type CWE-284
4,457 resultsCVE-2024-47976MEDIUMImproper access removal handling in firmware of some Solidigm DC Products may allow an attacker with physical access to gain unauthorized acEPSS 0.2%CVE-2022-3182—Improper Access Control vulnerability in the Duo SMS two-factor of Devolutions Remote Desktop Manager 2022.2.14 and earlier allows attackersEPSS 0.2%CVE-2026-48900MEDIUMJoomla! Core - [20260516] - Incorrect Access Control in com_schedulerEPSS 0.2%CVE-2026-35533HIGHmise has a local settings bypass config trust checksEPSS 0.2%CVE-2024-29077MEDIUMImproper access control in some JAM STAPL Player software before version 2.6.1 may allow an authenticated user to potentially enable escalatEPSS 0.2%CVE-2024-34022MEDIUMImproper Access Control in some Thunderbolt(TM) Share software before version 1.0.49.9 may allow an authenticated user to potentially enableEPSS 0.2%CVE-2024-28170LOWImproper access control in Intel(R) RAID Web Console all versions may allow an authenticated user to potentially enable information disclosuEPSS 0.2%CVE-2023-34470MEDIUMImproper access control EPSS 0.2%CVE-2022-45112HIGHImproper access control in some Intel(R) VROC software before version 8.0.0.4035 may allow an authenticated user to potentially enable escalEPSS 0.2%CVE-2023-43072MEDIUM
Dell SmartFabric Storage Software v1.4 (and earlier) contains an improper access control vulnerability in the CLI. A local possibly unautheEPSS 0.2%CVE-2026-39346MEDIUMOrangeHRM has Improper Access Control Allowing Access to Disabled Modules via URL EncodingEPSS 0.2%CVE-2026-12460MEDIUMInsufficient policy enforcement in File System Access in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromisedEPSS 0.2%CVE-2025-47792MEDIUMNextcloud Desktop 3rdparty applications can create share links via socket APIEPSS 0.2%CVE-2026-41123MEDIUMDell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1EPSS 0.2%CVE-2026-40713MEDIUMDell ThinOS 10, versions prior to ThinOS10 2602_10.0765, contain an Improper Access control vulnerability. An unauthenticated attacker with EPSS 0.2%CVE-2023-21491HIGHImproper access control vulnerability in ThemeManager prior to SMR May-2023 Release 1 allows local attackers to write arbitrary files with sEPSS 0.2%CVE-2026-34307MEDIUMVulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Workflow). Supported versions that are affeEPSS 0.2%CVE-2026-9789HIGHNitroSense V3: Security Vulnerability InformationEPSS 0.2%CVE-2023-32609MEDIUMImproper access control in the Intel Unite(R) android application before version 4.2.3504 may allow an authenticated user to potentially enaEPSS 0.2%CVE-2026-46848HIGHVulnerability in the WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions that are affected are 14.EPSS 0.2%