Weaknesses of type CWE-284

4,454 results
CVE-2026-31815MEDIUMdjango-unicorn affected by component state manipulation via unvalidated attribute accessEPSS 0.2%CVE-2025-13949MEDIUMProudMuBai GoFilm FileController.go SingleUpload unrestricted uploadEPSS 0.2%CVE-2025-43305MEDIUMA logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. A malicious EPSS 0.2%CVE-2025-43319MEDIUMThis issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An aEPSS 0.2%CVE-2022-20716HIGHCisco SD-WAN Solution Improper Access Control VulnerabilityEPSS 0.2%CVE-2026-10807MEDIUMmjperpinosa stumasy change_profile_image.php unrestricted uploadEPSS 0.2%CVE-2026-9579MEDIUMJeecgBoot SysUser userEdit user.getUsername access controlEPSS 0.2%CVE-2026-14698MEDIUMSourceCodester Syllabus-Aligned Learning Management and Examination System upload_files.php unrestricted uploadEPSS 0.2%CVE-2025-43317MEDIUMA permissions issue was addressed with additional restrictions. This issue is fixed in iOS 26 and iPadOS 26, macOS Tahoe 26, tvOS 26, visionEPSS 0.2%CVE-2026-10806MEDIUMmjperpinosa stumasy add_post.php unrestricted uploadEPSS 0.2%CVE-2026-9581MEDIUMJeecgBoot add access controlEPSS 0.2%CVE-2026-27723MEDIUMOpenProject: Insufficient access control leads to create Wiki objects belongs unpermitted projectsEPSS 0.2%CVE-2025-43321MEDIUMThe issue was resolved by blocking unsigned services from launching on Intel Macs. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 1EPSS 0.2%CVE-2025-64706MEDIUMTypebot IDOR Vulnerability: Unauthorized API Token Deletion and ExposureEPSS 0.2%CVE-2025-13443MEDIUMmacrozheng mall delete access controlEPSS 0.2%CVE-2026-48617LOWA flaw in Node.js Permission Model enforcement allows Bypass via `process.report.writeReport()` Path Misvalidation. This can lead to confideEPSS 0.2%CVE-2026-24711MEDIUMNorthern.tech CFEngine Enterprise before 3.21.8, 3.24.3, and 3.27.0 has Incorrect Access Control.EPSS 0.2%CVE-2025-43534MEDIUMA path handling issue was addressed with improved validation. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.2 and iPadOS 26.2.EPSS 0.2%CVE-2023-21894HIGHVulnerability in the Oracle Global Lifecycle Management NextGen OUI Framework product of Oracle Fusion Middleware (component: NextGen InstalEPSS 0.2%CVE-2026-56302MEDIUMCapgo - Unsecured Supabase Images Bucket via Missing Row Level SecurityEPSS 0.2%