Weaknesses of type CWE-284
4,457 resultsCVE-2026-20603MEDIUMThis issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Tahoe 26.3. An app with root privileEPSS 0.1%CVE-2026-20684LOWA permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26.4. An app may bypass Gatekeeper checksEPSS 0.1%CVE-2025-61156HIGHIncorrect access control in the kernel driver of ThreatFire System Monitor v4.7.0.53 allows attackers to escalate privileges and execute arbEPSS 0.1%CVE-2025-68623HIGHIn Microsoft DirectX End-User Runtime Web Installer 9.29.1974.0, a low-privilege user can replace an executable file during the installationEPSS 0.1%CVE-2026-28988MEDIUMA permissions issue was addressed with additional restrictions. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, visionOS EPSS 0.1%CVE-2024-32973MEDIUMRemote for TLS session may be trusted despite constraints in Pluto langEPSS 0.1%CVE-2024-28050MEDIUMImproper access control in some Intel(R) Arc(TM) & Iris(R) Xe Graphics software before version 31.0.101.4824 may allow an authenticated userEPSS 0.1%CVE-2025-24090LOWA permissions issue was addressed with additional restrictions. This issue is fixed in iOS 18.3 and iPadOS 18.3. An app may be able to enumeEPSS 0.1%CVE-2023-21490MEDIUMImproper access control in GearManagerStub prior to SMR May-2023 Release 1 allows a local attacker to delete applications installed by watchEPSS 0.1%CVE-2025-23365HIGHA vulnerability has been identified in TIA Administrator (All versions < V3.0.6). The affected application allows low-privileged users to trEPSS 0.1%CVE-2022-39900MEDIUMImproper access control vulnerability in Nice Catch prior to SMR Dec-2022 Release 1 allows physical attackers to access contents of all toasEPSS 0.1%CVE-2024-2315MEDIUMSMM arbitrary code execution in OverclockEPSS 0.1%CVE-2025-21031MEDIUMImproper access control in ImsService prior to SMR Sep-2025 Release 1 allows local attackers to use the privileged APIs.EPSS 0.1%CVE-2025-20052MEDIUMImproper access control for some Intel(R) Graphics software may allow an authenticated user to potentially enable denial of service via locaEPSS 0.1%CVE-2026-0856HIGHImproper Access Control vulnerability in Mesalvo Meona Client Launcher Component, Mesalvo Meona Server Component enables a normal user gainiEPSS 0.1%CVE-2025-20100HIGHImproper access control in the memory controller configurations for some Intel(R) Xeon(R) 6 processor with E-cores may allow a privileged usEPSS 0.1%CVE-2025-0040MEDIUMImproper access control between the Joint Test Action Group (JTAG) and Advanced Extensible Interface (AXI) could allow an attacker with physEPSS 0.1%CVE-2024-45334HIGHTrend Micro Antivirus One versions 3.10.4 and below (Consumer) is vulnerable to an Arbitrary Configuration Update that could allow unauthoriEPSS 0.1%CVE-2025-45083MEDIUMIncorrect access control in Ullu (Android version v2.9.929 and IOS version v2.8.0) allows attackers to bypass parental pin feature via unspeEPSS 0.1%CVE-2025-9381LOWFNKvision Y215 CCTV Camera wpa_supplicant.conf information disclosureEPSS 0.1%