Weaknesses of type CWE-284
4,453 resultsCVE-2023-27517MEDIUMImproper access control in some Intel(R) Optane(TM) PMem software before versions 01.00.00.3547, 02.00.00.3915, 03.00.00.0483 may allow an aEPSS 0.2%CVE-2026-34277MEDIUMVulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Fluid Core). Supported versions that are afEPSS 0.2%CVE-2022-24923MEDIUMImproper access control vulnerability in Samsung SearchWidget prior to versions 2.3.00.6 in China models allows untrusted applications to loEPSS 0.2%CVE-2025-67437MEDIUMMedical Management System a81df1ce700a9662cb136b27af47f4cbde64156b is vulnerable to Insecure Permissions, which allows arbitrary user passwoEPSS 0.2%CVE-2026-7134MEDIUMcode-projects Online Lot Reservation System edithousepic.php unrestricted uploadEPSS 0.2%CVE-2026-7133MEDIUMcode-projects Online Lot Reservation System activity.php unrestricted uploadEPSS 0.2%CVE-2026-34298MEDIUMVulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Personalization). Supported versions thatEPSS 0.2%CVE-2025-4962HIGHIDOR Vulnerability in Template Creation via `projectId` Manipulation in lunary-ai/lunaryEPSS 0.2%CVE-2022-40207HIGHImproper access control in the Intel(R) SUR software before version 2.4.8989 may allow an authenticated user to potentially enable escalatioEPSS 0.2%CVE-2025-27093MEDIUMSliver does not restricted traffic between Wireguard clients.EPSS 0.2%CVE-2026-5881MEDIUMPolicy bypass in LocalNetworkAccess in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to bypass navigation restrictions via EPSS 0.2%CVE-2025-15141LOWHalo Configuration actuator information disclosureEPSS 0.2%CVE-2026-46828HIGHVulnerability in the Oracle Payroll product of Oracle E-Business Suite (component: Internal Operations). Supported versions that are affectEPSS 0.2%CVE-2025-68716HIGHKAYSUS KS-WR3600 routers with firmware 1.0.5.9.1 enable the SSH service enabled by default on the LAN interface. The root account is configuEPSS 0.2%CVE-2025-32376MEDIUMDiscourse DM limits aren’t always properly enforcedEPSS 0.2%CVE-2026-11193MEDIUMInsufficient policy enforcement in Password Manager in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass discretionarEPSS 0.2%CVE-2023-34469MEDIUMCold Rest VulnerabiltiyEPSS 0.2%CVE-2026-3796MEDIUMQi-ANXIN QAX Virus Removal Mini Filter Driver QKSecureIO_Imp.sys ZwTerminateProcess access controlEPSS 0.2%CVE-2026-56217MEDIUMCapgo - Encrypted Bundle Policy Bypass via Direct PostgREST UpdateEPSS 0.2%CVE-2025-43495MEDIUMThe issue was addressed with improved checks. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1. An app may be aEPSS 0.2%