Weaknesses of type CWE-284

4,456 results
CVE-2023-39257HIGH Dell Rugged Control Center, version prior to 4.7, contains an Improper Access Control vulnerability. A local malicious standard user could EPSS 0.2%CVE-2026-34312LOWVulnerability in the RDBMS component of Oracle Database Server. Supported versions that are affected are 19.3-19.30. Easily exploitable vulEPSS 0.2%CVE-2026-11078MEDIUMInappropriate implementation in FileSystem in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the rendereEPSS 0.2%CVE-2026-11275MEDIUMInappropriate implementation in Page Info in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised tEPSS 0.2%CVE-2026-28803MEDIUMOpen Forms possible to view submission details of other people than intendedEPSS 0.2%CVE-2026-55119HIGHA malicious actor with access to the network and low privileges could exploit an Improper Access Control vulnerability found in UniFi Talk AEPSS 0.2%CVE-2026-46699HIGHconda-smithy vulnerable to misrouted repository invitation by conda-forge-webservices[bot] due to GitHub username takeover leading to unintended write access in conda-forge feedstock repositoryEPSS 0.2%CVE-2026-11197MEDIUMInsufficient policy enforcement in Workers in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the rendereEPSS 0.2%CVE-2022-20732HIGHCisco Virtualized Infrastructure Manager Privilege Escalation VulnerabilityEPSS 0.2%CVE-2026-8127MEDIUMeladmin Users API Endpoint UserController.java checkLevel access controlEPSS 0.2%CVE-2026-7044MEDIUMGreenCMS index.php themeadd unrestricted uploadEPSS 0.2%CVE-2026-4505MEDIUMeosphoros-ai DB-GPT FastAPI Endpoint controller.py module_plugin.refresh_plugins unrestricted uploadEPSS 0.2%CVE-2023-39256HIGH Dell Rugged Control Center, version prior to 4.7, contains an improper access control vulnerability. A local malicious standard user could EPSS 0.2%CVE-2026-11258MEDIUMInappropriate implementation in File System Access in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user toEPSS 0.2%CVE-2026-5472MEDIUMProjectsAndPrograms School Management System Profile Picture settings.php unrestricted uploadEPSS 0.2%CVE-2026-10205MEDIUMMetasoft 美特软件 MetaCRM upload.jsp unrestricted uploadEPSS 0.2%CVE-2026-4514MEDIUMPbootCMS Backend UserController.php access controlEPSS 0.2%CVE-2026-11135MEDIUMInsufficient policy enforcement in Autofill in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass discretionary accessEPSS 0.2%CVE-2026-8556LOWInappropriate implementation in ANGLE in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the EPSS 0.2%CVE-2025-32992HIGHThermo Fisher Scientific ePort through 3.0.0 has Incorrect Access Control.EPSS 0.2%