Weaknesses of type CWE-284
4,370 resultsCVE-2024-38175CRITICALAzure Managed Instance for Apache Cassandra Elevation of Privilege VulnerabilityEPSS 0.8%CVE-2026-48908CRITICALJoomla Extension - joomshaper.com - Remote Code Execution in SP Pagebuilder extension for Joomla < 6.6.2EPSS 0.8%CVE-2020-3592MEDIUMCisco SD-WAN vManage Software Authorization Bypass VulnerabilityEPSS 0.8%CVE-2024-13102MEDIUMD-Link DIR-816 A2 DDNS Service access controlEPSS 0.8%CVE-2022-40798HIGHOcoMon 4.0RC1 is vulnerable to Incorrect Access Control. Through a request the user can obtain the real email, sending the same request withEPSS 0.8%CVE-2024-46430MEDIUMTenda W18E V16.01.0.8(1625) is vulnerable to Incorrect Access Control. Unauthorized password change via the web management portal allows an EPSS 0.8%CVE-2023-38946HIGHAn issue in Multilaser RE160 firmware v5.07.51_pt_MTL01 and v5.07.52_pt_MTL01 allows attackers to bypass the access control and gain completEPSS 0.8%CVE-2024-13105MEDIUMD-Link DIR-816 A2 DHCPD Setting form2Dhcpd.cgi access controlEPSS 0.8%CVE-2023-48441MEDIUMAdobe Experience Manager | Improper Access Control (CWE-284)EPSS 0.8%CVE-2022-33757MEDIUMAn authenticated attacker could read Nessus Debug Log file attachments from the web UI without having the correct privileges to do so. This EPSS 0.8%CVE-2021-24859—User Meta Shortcodes <= 0.5 - Contributor+ Unauthorized Arbitrary User Metadata AccessEPSS 0.8%CVE-2024-20932HIGHVulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: SecuritEPSS 0.8%CVE-2021-23176MEDIUMImproper access control in reporting engine of l10n_fr_fec module in Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier alEPSS 0.8%CVE-2026-24306CRITICALAzure Front Door Elevation of Privilege VulnerabilityEPSS 0.8%CVE-2017-12262—A vulnerability within the firewall configuration of the Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM) coulEPSS 0.8%CVE-2026-28880MEDIUMA permissions issue was addressed with additional restrictions. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.EPSS 0.8%CVE-2023-3273HIGHImproper Access Control in the SICK ICR890-4 could allow an unauthenticated remote attacker to affect the availability of the device by chanEPSS 0.8%CVE-2019-18998HIGHAsset Suite Direct Object Reference AccessEPSS 0.8%CVE-2024-2217HIGHImproper Access Control in gaizhenbiao/chuanhuchatgptEPSS 0.8%CVE-2020-36699MEDIUMQuick Page/Post Redirect Plugin <= 5.1.9 - Redirect Security BypassEPSS 0.8%