Weaknesses of type CWE-284
4,457 resultsCVE-2025-43328LOWA permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26. An app may be able to access sensitivEPSS 0.2%CVE-2024-47976MEDIUMImproper access removal handling in firmware of some Solidigm DC Products may allow an attacker with physical access to gain unauthorized acEPSS 0.2%CVE-2026-48936LOWA flaw in Node.js Permission API can cause a local server to be started (via a Unix domain socket), even without the `--allow-net` permissioEPSS 0.2%CVE-2026-35533HIGHmise has a local settings bypass config trust checksEPSS 0.2%CVE-2024-29077MEDIUMImproper access control in some JAM STAPL Player software before version 2.6.1 may allow an authenticated user to potentially enable escalatEPSS 0.2%CVE-2026-12460MEDIUMInsufficient policy enforcement in File System Access in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromisedEPSS 0.2%CVE-2024-28170LOWImproper access control in Intel(R) RAID Web Console all versions may allow an authenticated user to potentially enable information disclosuEPSS 0.2%CVE-2023-43072MEDIUM
Dell SmartFabric Storage Software v1.4 (and earlier) contains an improper access control vulnerability in the CLI. A local possibly unautheEPSS 0.2%CVE-2023-34470MEDIUMImproper access control EPSS 0.2%CVE-2022-45112HIGHImproper access control in some Intel(R) VROC software before version 8.0.0.4035 may allow an authenticated user to potentially enable escalEPSS 0.2%CVE-2026-39346MEDIUMOrangeHRM has Improper Access Control Allowing Access to Disabled Modules via URL EncodingEPSS 0.2%CVE-2024-34022MEDIUMImproper Access Control in some Thunderbolt(TM) Share software before version 1.0.49.9 may allow an authenticated user to potentially enableEPSS 0.2%CVE-2026-40713MEDIUMDell ThinOS 10, versions prior to ThinOS10 2602_10.0765, contain an Improper Access control vulnerability. An unauthenticated attacker with EPSS 0.2%CVE-2023-32609MEDIUMImproper access control in the Intel Unite(R) android application before version 4.2.3504 may allow an authenticated user to potentially enaEPSS 0.2%CVE-2025-24917HIGHImproper Access Control leads to Local Privilege EscalationEPSS 0.2%CVE-2026-41123MEDIUMDell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1EPSS 0.2%CVE-2026-34307MEDIUMVulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Workflow). Supported versions that are affeEPSS 0.2%CVE-2023-27301MEDIUMImproper access control in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version 88 may allow an authenticated user to potentEPSS 0.2%CVE-2026-9789HIGHNitroSense V3: Security Vulnerability InformationEPSS 0.2%CVE-2026-20203MEDIUMImproper Access Control in Data Model Acceleration in Splunk EnterpriseEPSS 0.2%