Weaknesses of type CWE-284

4,434 results
CVE-2023-32572MEDIUMFlashArray pgroup Retention Lock SafeMode ProtectionEPSS 0.4%CVE-2025-4923MEDIUMSourceCodester Client Database Management System user_delivery_update.php unrestricted uploadEPSS 0.4%CVE-2026-46788HIGHVulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component: Content Server). The supported version that EPSS 0.4%CVE-2025-2306MEDIUMImproper Access Control vulnerability in LIVE CONTRACTEPSS 0.4%CVE-2025-54591HIGHFreshRSS: Unauthenticated users can view default user's informationEPSS 0.4%CVE-2024-26139HIGHOpenCTI Authenticated Privilege EscalationEPSS 0.4%CVE-2026-46809CRITICALVulnerability in the Oracle WebCenter Sites product of Oracle Fusion Middleware (component: WebCenter Sites). Supported versions that are aEPSS 0.4%CVE-2025-30436CRITICALThis issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 18.4 and iPadOS 18.4. An attacker mayEPSS 0.4%CVE-2026-21627CRITICALExtension - tassos.gr - SQL injection and Unauthenticated File Read in Novarain/Tassos Framework v4.10.14 – v6.0.37 for JoomlaEPSS 0.4%CVE-2026-24055MEDIUMLangfuse Slack OAuth Installation Endpoint Lacks Authentication, Enabling Arbitrary Project LinkingEPSS 0.4%CVE-2025-3966MEDIUMitwanger paicoding Browsing History home information disclosureEPSS 0.4%CVE-2025-7755MEDIUMcode-projects Online Ordering System edit_product.php unrestricted uploadEPSS 0.4%CVE-2024-57155CRITICALIncorrect access control in radar v1.0.8 allows attackers to bypass authentication and access sensitive APIs without a token.EPSS 0.4%CVE-2024-57154CRITICALIncorrect access control in dts-shop v0.0.1-SNAPSHOT allows attackers to bypass authentication via sending a crafted payload to /admin/auth/EPSS 0.4%CVE-2025-31247HIGHA logic issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15.5, macOS Sonoma 14.7.6, macOS Ventura 13EPSS 0.4%CVE-2024-57157CRITICALIncorrect access control in Jantent v1.1 allows attackers to bypass authentication and access sensitive APIs without a token.EPSS 0.4%CVE-2026-20697MEDIUMA permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS TahoEPSS 0.4%CVE-2024-1053MEDIUMEvent Tickets and Registration <= 5.8.1 - Missing AuthorizationEPSS 0.4%CVE-2024-12294MEDIUMLast Viewed Posts by WPBeginner <= 1.0.1 - Unauthenticated Sensitive Information ExposureEPSS 0.4%CVE-2018-15371Cisco IOS XE Software Shell Access Authentication Bypass VulnerabilityEPSS 0.4%