Weaknesses of type CWE-284
4,436 resultsCVE-2024-40749HIGH[20250103] - Core - Read ACL violation in multiple core viewsEPSS 0.4%CVE-2024-34404MEDIUMA vulnerability was discovered in the Alta Recovery Vault feature of Veritas NetBackup before 10.4 and NetBackup Appliance before 5.4. By deEPSS 0.4%CVE-2025-3325MEDIUMiteaj iboot 物联网网关 Admin Password pwd access controlEPSS 0.4%CVE-2026-46901CRITICALVulnerability in the Oracle Enterprise Command Center Framework product of Oracle E-Business Suite (component: Core). Supported versions thEPSS 0.4%CVE-2026-46897CRITICALVulnerability in the Oracle Enterprise Command Center Framework product of Oracle E-Business Suite (component: Core). Supported versions thEPSS 0.4%CVE-2025-10607MEDIUMPortabilis i-Educar diarioApi information disclosureEPSS 0.4%CVE-2022-36263—StreamLabs Desktop Application 1.9.0 is vulnerable to Incorrect Access Control via obs64.exe. An attacker can execute arbitrary code via a cEPSS 0.4%CVE-2024-48010MEDIUMDell PowerProtect DD, versions prior to 8.1.0.0, 7.13.1.10, 7.10.1.40, and 7.7.5.50, contains an access control vulnerability. A remote highEPSS 0.4%CVE-2025-43416CRITICALA logic issue was addressed with improved restrictions. This issue is fixed in macOS Sequoia 15.7.3, macOS Sonoma 14.8.3, macOS Tahoe 26.2. EPSS 0.4%CVE-2025-2607MEDIUMphplaozhang LzCMS-LaoZhangBoKeXiTong HTTP POST Request upimage.html unrestricted uploadEPSS 0.4%CVE-2026-1170MEDIUMbirkir prime GraphQL API graphql information disclosureEPSS 0.4%CVE-2026-31872HIGHParse Server has a protected fields bypass via dot-notation in query and sortEPSS 0.4%CVE-2023-6810MEDIUMClickCease Click Fraud Protection <= 3.2.4 - Improper Authorization to sensitive information exposure via get_settingsEPSS 0.4%CVE-2021-1515MEDIUMCisco SD-WAN vManage Information Disclosure VulnerabilityEPSS 0.4%CVE-2025-1590MEDIUMSourceCodester E-Learning System List of Lessons Page index.php unrestricted uploadEPSS 0.4%CVE-2024-51988MEDIUMHTTP API's queue deletion endpoint does not verify that the user has a required permissionEPSS 0.4%CVE-2025-62570HIGHWindows Camera Frame Server Monitor Information Disclosure VulnerabilityEPSS 0.4%CVE-2023-50341HIGHImproper Access Control affects DRYiCE MyXalyticsEPSS 0.4%CVE-2025-43450HIGHA logic issue was addressed with improved checks. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1. An app may EPSS 0.4%CVE-2021-25440—Improper access control vulnerability in FactoryCameraFB prior to version 3.4.74 allows untrusted applications to access arbitrary files witEPSS 0.4%