Weaknesses of type CWE-284

4,443 results
CVE-2025-6900MEDIUMcode-projects Library System add-book.php unrestricted uploadEPSS 0.3%CVE-2026-41491HIGHDapr: Service Invocation path traversal ACL bypassEPSS 0.3%CVE-2020-8902LOWSSRF in RendertronEPSS 0.3%CVE-2024-9157HIGHPrivilege Escalation Vulnerability in CxUIUSvc serviceEPSS 0.3%CVE-2025-55196HIGHExternal Secrets Operator Missing Namespace Restriction in PushSecret and SecretStore List() Calls Allows Unauthorized Secret AccessEPSS 0.3%CVE-2026-27471CRITICALERP: Document access through endpoints due to missing validationEPSS 0.3%CVE-2025-15448MEDIUMcld378632668 JavaMall MinioController.java upload unrestricted uploadEPSS 0.3%CVE-2020-3396MEDIUMCisco IOS XE Software IOx Guest Shell USB SSD Namespace Protection Privilege Escalation VulnerabilityEPSS 0.3%CVE-2020-1666MEDIUMJunos OS Evolved: 'console log-out-on-disconnect' fails to terminate session on console cable disconnectionEPSS 0.3%CVE-2025-3169LOWProjeqtor saveAttachment.php unrestricted uploadEPSS 0.3%CVE-2022-43679MEDIUMThe Docker image of ownCloud Server through 10.11 contains a misconfiguration that renders the trusted_domains config useless. This could beEPSS 0.3%CVE-2017-6016An Improper Access Control issue was discovered in LCDS - Leao Consultoria e Desenvolvimento de Sistemas LTDA ME LAquis SCADA. The followingEPSS 0.3%CVE-2022-32945MEDIUMAn access issue was addressed with additional sandbox restrictions on third-party apps. This issue is fixed in macOS Ventura 13. An app may EPSS 0.3%CVE-2025-48707HIGHAn issue was discovered in Stormshield Network Security (SNS) before 5.0.1. TPM authentication information could, in some HA use cases, be sEPSS 0.3%CVE-2026-21889LOWWeblate leaks information via screenshotsEPSS 0.3%CVE-2022-39864LOWImproper access control vulnerability in WifiSetupLaunchHelper in SmartThings prior to version 1.7.89.25 allows attackers to access sensitivEPSS 0.3%CVE-2026-35263CRITICALVulnerability in the WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 14.1.2EPSS 0.3%CVE-2026-1962MEDIUMWeKan Attachment Migration attachmentMigration.js AttachmentMigrationBleed access controlEPSS 0.3%CVE-2025-43285MEDIUMA permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26EPSS 0.3%CVE-2026-1963MEDIUMWeKan Attachment Storage attachments.js MoveStorageBleed access controlEPSS 0.3%