Weaknesses of type CWE-284

4,443 results
CVE-2025-61114HIGH2nd Line Android App version v1.2.92 and before (package name com.mysecondline.app), developed by AutoBizLine, Inc., contains an improper acEPSS 0.3%CVE-2020-35546CRITICALLexmark MX6500 LW75.JD.P296 and previous devices have Incorrect Access Control via the access control settings.EPSS 0.3%CVE-2025-11281LOWFrappe LMS Unpublished Course courses access controlEPSS 0.3%CVE-2025-46331MEDIUMOpenFGA Authorization BypassEPSS 0.3%CVE-2024-9503MEDIUMMaintenance & Coming Soon Redirect Animation <= 2.1.3 - Missing Authorization to Settings UpdateEPSS 0.3%CVE-2026-26145MEDIUMMicrosoft Azure Synapse Elevation of Privilege VulnerabilityEPSS 0.3%CVE-2026-50891HIGHIncorrect access control in the /admin/api/config component of Filestash v0.4.0 allows attackers to escalate privileges via sending a crafteEPSS 0.3%CVE-2025-1259HIGHOn affected platforms running Arista EOS with OpenConfig configured, a gNOI request can be run when it should have been rejected.EPSS 0.3%CVE-2025-25734MEDIUMKapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs) v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 was discovered to contain an uEPSS 0.3%CVE-2025-30735HIGHVulnerability in the PeopleSoft Enterprise CC Common Application Objects product of Oracle PeopleSoft (component: Page and Field ConfiguratiEPSS 0.3%CVE-2023-46033D-Link (Non-US) DSL-2750U N300 ADSL2+ and (Non-US) DSL-2730U N150 ADSL2+ are vulnerable to Incorrect Access Control. The UART/Serial interfaEPSS 0.3%CVE-2026-46808HIGHVulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component: Content Server). The supported version that EPSS 0.3%CVE-2024-43409MEDIUMGhost's improper authentication allows access to member information and actionsEPSS 0.3%CVE-2024-29207HIGHAn Improper Certificate Validation could allow a malicious actor with access to an adjacent network to take control of the system. AffeEPSS 0.3%CVE-2022-42859MEDIUMMultiple issues were addressed by removing the vulnerable code. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, watchOSEPSS 0.3%CVE-2025-6837MEDIUMcode-projects Library System profile.php unrestricted uploadEPSS 0.3%CVE-2025-64673HIGHWindows Storage VSP Driver Elevation of Privilege VulnerabilityEPSS 0.3%CVE-2024-9157HIGHPrivilege Escalation Vulnerability in CxUIUSvc serviceEPSS 0.3%CVE-2025-53049HIGHVulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics (component: Analytics Web Administration). EPSS 0.3%CVE-2020-8902LOWSSRF in RendertronEPSS 0.3%