Weaknesses of type CWE-284

4,395 results
CVE-2021-28507MEDIUMAn issue has recently been discovered in Arista EOS where, under certain conditions, the service ACL configured for OpenConfig gNOI and OpenConfig RESTCONF might be bypassed, which results in the denied requests being forwarded to the agent.EPSS 0.7%CVE-2017-9513Several rest inline action resources of Atlassian Activity Streams before version 6.3.0 allows remote authenticated attackers to watch any CEPSS 0.7%CVE-2019-3779HIGHCloud Foundry Container Runtime allows a user to bypass security policy when talking to ETCDEPSS 0.7%CVE-2023-22285HIGHImproper access control for some Intel Unison software may allow an unauthenticated user to potentially enable denial of service via networkEPSS 0.7%CVE-2023-22807CRITICALCVE-2023-22807EPSS 0.7%CVE-2023-24905HIGHRemote Desktop Client Remote Code Execution VulnerabilityEPSS 0.7%CVE-2024-46609HIGHAn access control issue in the CheckVip function in UserController.java of IceCMS v3.4.7 and before allows unauthenticated attackers to acceEPSS 0.7%CVE-2025-51539MEDIUMEzGED3 3.5.0 contains an unauthenticated arbitrary file read vulnerability due to improper access control and insufficient input validation EPSS 0.7%CVE-2022-0727MEDIUMImproper Access Control in chocobozzz/peertubeEPSS 0.7%CVE-2023-22487HIGHPost mentions can be used to read any post on the forum without access controlEPSS 0.7%CVE-2024-31846HIGHAn issue was discovered in Italtel Embrace 1.6.4. The web application does not restrict or incorrectly restricts access to a resource from aEPSS 0.7%CVE-2022-41155MEDIUMWordPress iQ Block Country plugin <= 1.2.18 - Block BYPASS vulnerabilityEPSS 0.7%CVE-2020-1732MEDIUMA flaw was found in Soteria before 1.0.1, in a way that multiple requests occurring concurrently causing security identity corruption acrossEPSS 0.7%CVE-2020-5293MEDIUMImproper access control on product page with combinations, attachments and specific prices in PrestaShopEPSS 0.7%CVE-2020-5288MEDIUMImproper access control on product attributes page in PrestaShopEPSS 0.7%CVE-2026-21636MEDIUMA flaw in Node.js's permission model allows Unix Domain Socket (UDS) connections to bypass network restrictions when `--permission` is enablEPSS 0.7%CVE-2020-5287MEDIUMImproper access control on customers search in PrestaShopEPSS 0.7%CVE-2024-45432HIGHOpenSynergy BlueSDK (aka Blue SDK) through 6.x mishandles a function call. The specific flaw exists within the BlueSDK Bluetooth stack. The EPSS 0.7%CVE-2022-36024HIGHBots using py-cord as discord api wrapper are vulnerable to shutdowns through remote code executionEPSS 0.7%CVE-2023-23445HIGHImproper Access Control in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows aEPSS 0.7%