Weaknesses of type CWE-284

4,383 results
CVE-2022-45431HIGHSome Dahua software products have a vulnerability of unauthenticated restart of remote DSS Server. After bypassing the firewall access contrEPSS 0.6%CVE-2022-44037HIGHAn access control issue in APsystems ENERGY COMMUNICATION UNIT (ECU-C) Power Control Software V4.1NA, V3.11.4, W2.1NA, V4.1SAA, C1.2.2 allowEPSS 0.6%CVE-2024-44313HIGHTastyIgniter 3.7.6 contains an Incorrect Access Control vulnerability in the invoice() function within Orders.php which allows unauthorized EPSS 0.6%CVE-2026-5585MEDIUMTencent AI-Infra-Guard Task Detail Endpoint task_manager.go information disclosureEPSS 0.6%CVE-2024-0626MEDIUMWooCommerce Clover Payment Gateway <= 1.3.1 - Missing Authorization via callback_handlerEPSS 0.6%CVE-2025-15082MEDIUMTOZED ZLT M30s Web Management proc_post information disclosureEPSS 0.6%CVE-2024-12368HIGHImproper access control in the auth_oauth module of Odoo Community 15.0 and Odoo Enterprise 15.0 allows an internal user to export the OAuthEPSS 0.6%CVE-2024-43503HIGHMicrosoft SharePoint Elevation of Privilege VulnerabilityEPSS 0.6%CVE-2024-23663HIGHAn improper access control in Fortinet FortiExtender 4.1.1 - 4.1.9, 4.2.0 - 4.2.6, 5.3.2, 7.0.0 - 7.0.4, 7.2.0 - 7.2.4 and 7.4.0 - 7.4.2 allEPSS 0.6%CVE-2023-38206MEDIUMColdFusion | Improper Access Control (CWE-284)EPSS 0.6%CVE-2024-56889HIGHIncorrect access control in the endpoint /admin/m_delete.php of CodeAstro Complaint Management System v1.0 allows unauthorized attackers to EPSS 0.6%CVE-2025-43192CRITICALA configuration issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7. Account-drEPSS 0.6%CVE-2025-43198CRITICALThis issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7. An app may be ableEPSS 0.6%CVE-2024-1011MEDIUMSourceCodester Employee Management System Leave delete-leave.php access controlEPSS 0.6%CVE-2024-24568MEDIUMSuricata http2: header handling evasionEPSS 0.6%CVE-2026-31874CRITICALTaskosaur Improper Role Assignment via Parameter Manipulation in User RegistrationEPSS 0.6%CVE-2024-41249HIGHAn Incorrect Access Control vulnerability was found in /smsa/view_subject.php in Kashipara Responsive School Management System v3.2.0, whichEPSS 0.6%CVE-2023-5365HP LIFE Android Mobile – Potential Escalation of Privilege, Information DisclosureEPSS 0.6%CVE-2023-26473MEDIUMXWiki Platform allows unprivileged users to make arbitrary select queries using DatabaseListProperty and suggest.vmEPSS 0.6%CVE-2024-48955HIGHBroken access control in NetAdmin 4.030319 returns data with functionalities on the endpoint that "assembles" the functionalities menus, theEPSS 0.6%