Weaknesses of type CWE-284
4,356 resultsCVE-2024-11138MEDIUMDedeCMS friendlink_add.php unrestricted uploadEPSS 2.5%CVE-2022-0732—The backend infrastructure shared by multiple mobile device monitoring services does not adequately authenticate or authorize API requests, EPSS 2.5%CVE-2026-34908CRITICALA malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi OS devices to make unauthEPSS 2.5%KEVCVE-2024-0324HIGHUser Profile Builder <= 3.10.8 - Missing Authorization to Plugin Settings Change via wppb_two_factor_authentication_settings_updateEPSS 2.4%CVE-2021-21020MEDIUMMagento Commerce Improper Access Control VulnerabilityEPSS 2.4%CVE-2022-21619LOWVulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions tEPSS 2.4%CVE-2024-56898HIGHBroken access control vulnerability in Geovision GV-ASWeb with version v6.1.0.0 or less. This vulnerability allows low privilege users perfoEPSS 2.4%CVE-2019-12648CRITICALCisco IOx for IOS Software Guest Operating System Unauthorized Access VulnerabilityEPSS 2.4%CVE-2020-11028MEDIUMUnauthenticated disclosure of certain private posts in WordPressEPSS 2.3%CVE-2021-45034—A vulnerability has been identified in CP-8000 MASTER MODULE WITH I/O -25/+70°C (All versions < V16.20), CP-8000 MASTER MODULE WITH I/O -40/EPSS 2.3%CVE-2024-29055HIGHMicrosoft Defender for IoT Elevation of Privilege VulnerabilityEPSS 2.3%CVE-2024-29054HIGHMicrosoft Defender for IoT Elevation of Privilege VulnerabilityEPSS 2.3%CVE-2018-0447—Cisco Email Security Appliance URL Filtering Bypass VulnerabilityEPSS 2.3%CVE-2017-7928—An Improper Access Control issue was discovered in Schweitzer Engineering Laboratories (SEL) SEL-3620 and SEL-3622 Security Gateway VersionsEPSS 2.3%CVE-2025-60705HIGHWindows Client-Side Caching Elevation of Privilege VulnerabilityEPSS 2.3%CVE-2019-10925—A vulnerability has been identified in SIMATIC MV400 family (All Versions < V7.0.6). An authenticated attacker could escalate privileges by EPSS 2.3%CVE-2020-24441MEDIUMImproper Access Control in Adobe Acrobat Reader for AndroidEPSS 2.3%CVE-2025-20242MEDIUMA vulnerability in the Cloud Connect component of Cisco Unified Contact Center Enterprise (CCE) could allow an unauthenticated, remote attacEPSS 2.3%CVE-2019-9886CRITICALeClass platform allows user to download arbitrary files without authenticationEPSS 2.2%CVE-2025-54914CRITICALAzure Networking Elevation of Privilege VulnerabilityEPSS 2.2%