Weaknesses of type CWE-284
4,457 resultsCVE-2026-8556LOWInappropriate implementation in ANGLE in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the EPSS 0.2%CVE-2025-32992HIGHThermo Fisher Scientific ePort through 3.0.0 has Incorrect Access Control.EPSS 0.2%CVE-2025-2348MEDIUMIROAD Dash Cam FX2 HTTP/RTSP event information disclosureEPSS 0.2%CVE-2026-14156MEDIUMInsufficient policy enforcement in StorageAccessAPI in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised thEPSS 0.2%CVE-2025-43315MEDIUMThis issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An aEPSS 0.2%CVE-2025-24197MEDIUMA logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may bEPSS 0.2%CVE-2023-28397HIGHImproper access control in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allow an authenticated to potentially enable escalationEPSS 0.2%CVE-2023-39433MEDIUMImproper access control for some Intel(R) CST software before version 2.1.10300 may allow an authenticated user to potentially enable escalaEPSS 0.2%CVE-2024-21067HIGHVulnerability in the Oracle Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Host Management). The supporEPSS 0.2%CVE-2026-2851MEDIUMyeqifu warehouse Inport Endpoint InportController.java deleteInport access controlEPSS 0.2%CVE-2023-39425HIGHImproper access control in some Intel(R) DSA software before version 23.4.33 may allow an authenticated user to potentially enable escalatioEPSS 0.2%CVE-2023-32204HIGHImproper access control in some Intel(R) OFU software before version 14.1.31 may allow an authenticated user to potentially enable escalatioEPSS 0.2%CVE-2024-37355HIGHImproper access control in some Intel(R) Graphics software may allow an authenticated user to potentially enable escalation of privilege viaEPSS 0.2%CVE-2025-3518MEDIUMFile upload functionality possible even when disabledEPSS 0.2%CVE-2026-2311MEDIUMIBM i is affected by a privilege escalation vulnerability in Web Administration GUI []EPSS 0.2%CVE-2022-37341HIGHImproper access control in some Intel(R) Ethernet Adapters and Intel(R) Ethernet Controller I225 Manageability firmware may allow a privilegEPSS 0.2%CVE-2026-28374MEDIUMIDOR in Annotations API allows unprivileged users to DELETE annotationEPSS 0.2%CVE-2026-54012HIGHOpen WebUI: Forged model meta.knowledge allows cross-user file read and deletionEPSS 0.2%CVE-2026-21984HIGHVulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.EPSS 0.2%CVE-2021-25431—Improper access control vulnerability in Cameralyzer prior to versions 3.2.1041 in 3.2.x, 3.3.1040 in 3.3.x, and 3.4.4210 in 3.4.x allows unEPSS 0.2%