Weaknesses of type CWE-284
4,443 resultsCVE-2025-7576MEDIUMTeledyne FLIR FB-Series O/FLIR FH-Series ID Production Tools production.html access controlEPSS 0.3%CVE-2024-9003MEDIUMJinan Chicheng Company JFlow Attachment EntityMutliFile_Load.do AttachmentUploadController access controlEPSS 0.3%CVE-2025-37136MEDIUMAuthenticated Arbitrary File Deletion Vulnerabilities in AOS-8 Controller/Mobility Conductor Command Line Interface (CLI)EPSS 0.3%CVE-2025-8171MEDIUMcode-projects Document Management System insert.php unrestricted uploadEPSS 0.3%CVE-2025-67645HIGHOpenEMR Vulnerable to Broken Access Control in Profile Edit EndpointEPSS 0.3%CVE-2026-20883MEDIUMGitea Stopwatch API Missing Authorization Check Leads to Post-Revocation Information DisclosureEPSS 0.3%CVE-2024-42794MEDIUMKashipara Music Management System v1.0 is vulnerable to Incorrect Access Control via /music/ajax.php?action=save_user.EPSS 0.3%CVE-2024-1144MEDIUMImproper Access Control at Alma Devklan BlogEPSS 0.3%CVE-2026-41277HIGHFlowise: Mass Assignment in DocumentStore Create Endpoint Leads to Cross-Workspace Object Takeover (IDOR)EPSS 0.3%CVE-2026-40474HIGHwger has Broken Access Control in the Global Gym Configuration Update EndpointEPSS 0.3%CVE-2025-37135MEDIUMAuthenticated Arbitrary File Deletion Vulnerabilities in AOS-8 Controller/Mobility Conductor Command Line Interface (CLI)EPSS 0.3%CVE-2023-39941HIGHImproper access control in some Intel(R) SUR software before version 2.4.10587 may allow an unauthenticated user to potentially enable deniaEPSS 0.3%CVE-2024-56335HIGHPrivilege escalation allows organization groups to be updated/deleted if their UUID is known in vaultwardenEPSS 0.3%CVE-2025-20153MEDIUMCisco ESA mail BypassEPSS 0.3%CVE-2026-1813MEDIUMbolo-blog bolo-solo FreeMarker Template PicUploadProcessor.java unrestricted uploadEPSS 0.3%CVE-2025-37125HIGHBroken access control vulnerability in Firewall Configuration Leads to Unauthorized Access to Internal Network ResourcesEPSS 0.3%CVE-2025-37137MEDIUMAuthenticated Arbitrary File Deletion Vulnerabilities in AOS-8 Controller/Mobility Conductor Command Line Interface (CLI)EPSS 0.3%CVE-2023-20230MEDIUMA vulnerability in the restricted security domain implementation of Cisco Application Policy Infrastructure Controller (APIC) could allow anEPSS 0.3%CVE-2022-26308LOWImproper Access Control in Configuration (Credential store)EPSS 0.3%CVE-2026-1197LOWMineAdmin downloadById information disclosureEPSS 0.3%