Weaknesses of type CWE-284

4,456 results
CVE-2026-5181MEDIUMSourceCodester Simple Doctors Appointment System ajax.php unrestricted uploadEPSS 0.2%CVE-2026-7732MEDIUMcode-projects BloodBank Managing System request_blood.php unrestricted uploadEPSS 0.2%CVE-2023-20065HIGHA vulnerability in the Cisco IOx application hosting subsystem of Cisco IOS XE Software could allow an authenticated, local attacker to elevEPSS 0.2%CVE-2025-9795MEDIUMxujeff tianti 天梯 UploadController.java ajaxUploadFile unrestricted uploadEPSS 0.2%CVE-2021-33162HIGHImproper access control in some Intel(R) Ethernet Adapters and Intel(R) Ethernet Controller I225 Manageability firmware may allow an authentEPSS 0.2%CVE-2026-10152MEDIUMTaleLin lin-cms-spring-boot book Endpoint BookController.java access controlEPSS 0.2%CVE-2022-34457HIGH Dell command configuration, version 4.8 and prior, contains improper folder permission when installed not to default path but to non-secureEPSS 0.2%CVE-2023-40071HIGHImproper access control in some Intel(R) GPA software installers before version 2023.3 may allow an authenticated user to potentially enableEPSS 0.2%CVE-2026-28381CRITICALLocal File Read/Write to Potential Privilege Escalation via Snowflake GET/PUTEPSS 0.2%CVE-2026-48529MEDIUMGitHub MCP Server: Lockdown mode singleton in HTTP server causes cross-user GraphQL client confusionEPSS 0.2%CVE-2023-7025HIGHKylinSoft hedron-domain-hook DBus init_kcm access controlEPSS 0.2%CVE-2026-0977MEDIUMIBM CICS Transaction Gateway for Multiplatforms Information DisclosureEPSS 0.2%CVE-2026-39942HIGHDirectus has a Path Traversal and Broken Access Control in File Management APIEPSS 0.2%CVE-2024-1898LOWImproper access control in the notification feature in Devolutions Server 2023.3.14.0 and earlier allows a low privileged user to change notEPSS 0.2%CVE-2017-20233MEDIUMHirschmann HiLCOS Layer-2 Firewall Multicast Broadcast Traffic BypassEPSS 0.2%CVE-2026-31150MEDIUMIncorrect access control in Kaleris YMS v7.2.2.1 allows authenticated attackers with only the shipping/receiving role to view the truck's daEPSS 0.2%CVE-2025-43414MEDIUMA permissions issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26EPSS 0.2%CVE-2026-32209MEDIUMWindows Filtering Platform (WFP) Security Feature Bypass VulnerabilityEPSS 0.2%CVE-2026-25702HIGHnftables disabled due to incorrect kernel backportEPSS 0.2%CVE-2026-4628MEDIUMKeycloak: org.keycloak.authorization: keycloak: unauthorized resource modification due to improper access controlEPSS 0.2%