Weaknesses of type CWE-284
4,457 resultsCVE-2025-60799MEDIUMphpPgAdmin 7.13.0 and earlier contains an incorrect access control vulnerability in sql.php at lines 68-76. The application allows unauthoriEPSS 0.2%CVE-2023-42838HIGHAn access issue was addressed with improvements to the sandbox. This issue is fixed in macOS Ventura 13.6.3, macOS Sonoma 14.1, macOS MonterEPSS 0.2%CVE-2026-7959LOWInappropriate implementation in Navigation in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the rendereEPSS 0.2%CVE-2023-38411LOWImproper access control in the Intel Smart Campus android application before version 9.4 may allow an authenticated user to potentially enabEPSS 0.2%CVE-2022-30745MEDIUMImproper access control vulnerability in Quick Share prior to version 13.1.2.4 allows attacker to access internal files in Quick Share.EPSS 0.2%CVE-2024-24902MEDIUMDell RecoverPoint for Virtual Machines 6.0.x contains an Improper access control vulnerability. A low privileged local attacker could potentEPSS 0.2%CVE-2025-43334MEDIUMThis issue was addressed with additional entitlement checks. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 2EPSS 0.2%CVE-2025-43335MEDIUMThe issue was addressed by adding additional logic. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An aEPSS 0.2%CVE-2025-53112MEDIUMGLPI's incomprehensive permission checks can lead to data removal from allowed usersEPSS 0.2%CVE-2025-0033MEDIUMImproper access control within AMD SEV-SNP could allow an admin privileged attacker to write to the RMP during SNP initialization, potentialEPSS 0.2%CVE-2025-43322MEDIUMA logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An appEPSS 0.2%CVE-2026-23522LOWLobe Chat has IDOR in Knowledge Base File Removal that Allows Cross User File DeletionEPSS 0.2%CVE-2026-34248LOWZammad has an information disclosure in ticket detail view of customers in shared organizationsEPSS 0.2%CVE-2026-22605MEDIUMOpenProject is Vulnerable to Insecure Direct Object Reference in MeetingsEPSS 0.2%CVE-2026-45284MEDIUMNextcloud: Wrong condition in the User OIDC app's LdapService allowed deleted LDAP users to authenticateEPSS 0.2%CVE-2023-23573MEDIUMImproper access control in the Intel(R) Unite(R) android application before Release 17 may allow a privileged user to potentially enable infEPSS 0.2%CVE-2026-29077HIGHFrappe: Broken Access Control in DocShareEPSS 0.2%CVE-2026-22014LOWVulnerability in the Oracle User Management product of Oracle E-Business Suite (component: Workflow and Business Events). Supported versionEPSS 0.2%CVE-2024-36438HIGHeLinkSmart Hidden Smart Cabinet Lock 2024-05-22 has Incorrect Access Control and fails to perform an authorization check which can lead to cEPSS 0.2%CVE-2023-28907MEDIUMA lack of access restrictions on internal memory regionsEPSS 0.2%