Weaknesses of type CWE-284

4,457 results
CVE-2025-43451MEDIUMA permissions issue was addressed by removing the vulnerable code. This issue is fixed in macOS Tahoe 26. An app may be able to access sensiEPSS 0.1%CVE-2025-30731LOWVulnerability in the Oracle Applications Technology Stack product of Oracle E-Business Suite (component: Configuration). Supported versionsEPSS 0.1%CVE-2023-31341HIGHInsufficient validation of the Input Output Control (IOCTL) input buffer in AMD μProf may allow an authenticated attacker to cause an out-ofEPSS 0.1%CVE-2024-39609HIGHImproper Access Control in UEFI firmware for some Intel(R) Server Board M70KLP may allow a privileged user to potentially enable escalation EPSS 0.1%CVE-2026-28682MEDIUMGokapi: Data Leak in Upload Status StreamEPSS 0.1%CVE-2026-28378LOWCross-Organization Public Dashboard Deletion via Missing Org IsolationEPSS 0.1%CVE-2025-24313MEDIUMImproper access control for some Device Plugins for Kubernetes software maintained by Intel before version 0.32.0 may allow a privileged useEPSS 0.1%CVE-2026-21635MEDIUMAn Improper Access Control could allow a malicious actor in Wi-Fi range to the EV Station Lite (v1.5.2 and earlier) to use WiFi AutoLink feaEPSS 0.1%CVE-2022-33720LOWImproper authentication vulnerability in AppLock prior to SMR Aug-2022 Release 1 allows physical attacker to access Chrome locked by AppLockEPSS 0.1%CVE-2026-4218LOWmyAEDES App aedes.me.beta EngageBayUtils.java information disclosureEPSS 0.1%CVE-2026-40009MEDIUMApache IoTDB: Authenticated users can escalate to full tree-path access by renaming themselves to __internal_auditorEPSS 0.1%CVE-2024-34543MEDIUMImproper access control in Intel(R) RAID Web Console software for all versions may allow an authenticated user to potentially enable escalatEPSS 0.1%CVE-2022-40539HIGHImproper Validation of Array Index in Automotive Android OSEPSS 0.1%CVE-2025-36909MEDIUMInformation disclosureEPSS 0.1%CVE-2026-4823LOWEnter Software Iperius Backup NTLM2 information disclosureEPSS 0.1%CVE-2023-25773HIGHImproper access control in the Intel(R) Unite(R) Hub software installer for Windows before version 4.2.34962 may allow an authenticated userEPSS 0.1%CVE-2025-32037LOWImproper access control for some Intel(R) PresentMon before version 2.3.1 within Ring 3: User Applications may allow a denial of service. NeEPSS 0.1%CVE-2022-38973LOWImproper access control for some Intel(R) Arc(TM) graphics cards A770 and A750 Limited Edition sold between October of 2022 and December of EPSS 0.1%CVE-2024-1343MEDIUMWeak permission vulnerability in LaborOfficeFreeEPSS 0.1%CVE-2024-45333MEDIUMImproper access control for some Intel(R) Data Center GPU Flex Series for Windows driver before version 31.0.101.4314 may allow an authenticEPSS 0.1%