Weaknesses of type CWE-266
960 resultsCVE-2026-9376MEDIUMJPress UCenter Article Submission Endpoint doWriteSave improper authorizationEPSS 0.3%CVE-2020-10695—An insecure modification flaw in the /etc/passwd file was found in the redhat-sso-7 container. An attacker with access to the container can EPSS 0.3%CVE-2025-14016MEDIUMmacrozheng mall-swarm delete improper authorizationEPSS 0.2%CVE-2026-43000MEDIUMAn issue was discovered in OpenStack Keystone before 29.0.2. When combined with an application credential impersonation vulnerability, an atEPSS 0.2%CVE-2025-13576MEDIUMcode-projects Blog Site admin.php improper authorizationEPSS 0.2%CVE-2026-35062HIGHiControl SOAP vulnerabilityEPSS 0.2%CVE-2021-1572HIGHConfD CLI Secure Shell Server Privilege Escalation VulnerabilityEPSS 0.2%CVE-2025-52726HIGHWordPress CouponXxL Custom Post Types plugin <= 3.0 - Privilege Escalation VulnerabilityEPSS 0.2%CVE-2026-56251HIGHCapgo - Privilege Escalation via Broken Row Level Security in org_usersEPSS 0.2%CVE-2023-49647HIGHZoom Desktop Client for Windows - Improper Access ControlEPSS 0.2%CVE-2025-9602MEDIUMXinhu RockOA index.php publicsaveAjax improper authorizationEPSS 0.2%CVE-2025-6531MEDIUMSIFUSM/MZZYG BD S1 RTSP Live Video Stream Endpoint access controlEPSS 0.2%CVE-2024-37293HIGHaws-deployment-framework's potential risk can lead to privilege escalationEPSS 0.2%CVE-2025-15084LOWyoulaitech youlai-mall Order Payment OrderController.java orderService.payOrder access controlEPSS 0.2%CVE-2019-19355HIGHAn insecure modification vulnerability in the /etc/passwd file was found in the openshift/ocp-release-operator-sdk. An attacker with access EPSS 0.2%CVE-2025-56503MEDIUMAn issue in Sublime HQ Pty Ltd Sublime Text 4 4200 allows authenticated attackers with low-level privileges to escalate privileges to AdminiEPSS 0.2%CVE-2019-19351HIGHAn insecure modification vulnerability in the /etc/passwd file was found in the container openshift/jenkins. An attacker with access to the EPSS 0.2%CVE-2025-14889MEDIUMCampcodes Advanced Voting Management System Password voters_edit.php improper authorizationEPSS 0.2%CVE-2025-47291MEDIUMcontainerd CRI plugin: Incorrect cgroup hierarchy assignment for containers running in usernamespaced Kubernetes pods.EPSS 0.2%CVE-2024-25633MEDIUMIn eLabFTW, if administrators can create users, users can tooEPSS 0.2%