Weaknesses of type CWE-284

4,410 results
CVE-2024-40475MEDIUMSourceCodester Best House Rental Management System v1.0 is vulnerable to Incorrect Access Control via /rental/payment_report.php, /rental/baEPSS 0.5%CVE-2024-10766MEDIUMCodezips Free Exam Hall Seating Management System save_user.php unrestricted uploadEPSS 0.5%CVE-2021-36913HIGHRedirection for Contact Form 7 <= 2.4.0 - Unauthenticated Options Change and Content Injection vulnerabilityEPSS 0.5%CVE-2025-4980MEDIUMNetgear DGND3700 mini_http currentsetting.htm information disclosureEPSS 0.5%CVE-2025-4977MEDIUMNetgear DGND3700 BRS_top.html information disclosureEPSS 0.5%CVE-2023-1489HIGHLespeed WiseCleaner Wise System Monitor IoControlCode WiseHDInfo64.dll 0x9C402088 access controlEPSS 0.5%CVE-2021-41834MEDIUMJFrog Artifactory prior to version 7.28.0 and 6.23.38, is vulnerable to Broken Access Control, the copy functionality can be used by a low-pEPSS 0.5%CVE-2025-4271MEDIUMTOTOLINK A720R cstecgi.cgi information disclosureEPSS 0.5%CVE-2025-21359HIGHWindows Kernel Security Feature Bypass VulnerabilityEPSS 0.5%CVE-2025-3237MEDIUMTenda FH1202 wrlwpsset access controlEPSS 0.5%CVE-2026-0386HIGHWindows Deployment Services Remote Code Execution VulnerabilityEPSS 0.5%CVE-2021-23173LOWICSMA-22-006-01 Philips Engage SoftwareEPSS 0.5%CVE-2025-67014HIGHIncorrect access control in DEV Systemtechnik GmbH DEV 7113 RF over Fiber Distribution System 32-0078 H.01 allows unauthenticated attackers EPSS 0.5%CVE-2023-49473CRITICALShenzhen JF6000 Cloud Media Collaboration Processing Platform firmware version V1.2.0 and software version V2.0.0 build 6245 is vulnerable tEPSS 0.5%CVE-2025-4118MEDIUMWeitong Mall Product History historyList access controlEPSS 0.5%CVE-2022-46331HIGH An unauthorized user could possibly delete any file on the system. EPSS 0.5%CVE-2026-48939CRITICALJoomla Extension - icagenda.com - Remote Code Execution in iCaganda extension for Joomla < 4.0.8/3.9.15EPSS 0.5%CVE-2025-58724HIGHArc Enabled Servers - Azure Connected Machine Agent Elevation of Privilege VulnerabilityEPSS 0.5%CVE-2026-2147MEDIUMTenda AC21 Web Management DownloadLog information disclosureEPSS 0.5%CVE-2019-10167HIGHThe virConnectGetDomainCapabilities() libvirt API, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accepts an "emulatorbin" argument toEPSS 0.5%