Weaknesses of type CWE-284
4,394 resultsCVE-2026-42823CRITICALAzure Logic Apps Elevation of Privilege VulnerabilityEPSS 0.6%CVE-2022-43429HIGHJenkins Compuware Topaz for Total Test Plugin 2.4.8 and earlier implements an agent/controller message that does not limit where it can be eEPSS 0.6%CVE-2022-39329LOWProfile of disabled user stays accessibleEPSS 0.6%CVE-2021-22567MEDIUMBidirectional Override in Dart SDKEPSS 0.6%CVE-2024-24771HIGHOpen Forms potential multi-factor authentication bypassEPSS 0.6%CVE-2026-25758HIGHSpree allows unauthenticated users can access all guest addressesEPSS 0.6%CVE-2024-41332MEDIUMIncorrect access control in the delete_category function of Sourcecodester Computer Laboratory Management System v1.0 allows authenticated aEPSS 0.6%CVE-2020-14388—A flaw was found in the Red Hat 3scale API Management Platform, where member permissions for an API's admin portal were not properly enforceEPSS 0.6%CVE-2023-24512HIGHOn affected platforms running Arista EOS, an authorized attacker with permissions to perform gNMI requests could craft a request allowing it to update arbitrary configurations in the switch. EPSS 0.6%CVE-2022-41970LOWNextcloud Server's disabled download shares still allow download through preview imagesEPSS 0.6%CVE-2024-11674MEDIUMCodeAstro Hospital Management System his_doc_update-account.php unrestricted uploadEPSS 0.6%CVE-2023-37267HIGHUmbraco allows possible Admin-level access to backoffice without Auth under rare conditionsEPSS 0.6%CVE-2024-9321MEDIUMSourceCodester Online Railway Reservation System view_details.php access controlEPSS 0.6%CVE-2023-51661HIGHFilesystem sandbox not enforced in wasmer-cliEPSS 0.6%CVE-2022-29417MEDIUMWordPress ShortPixel Adaptive Images plugin <= 3.3.1 - Subscriber+ Plugin Settings Update vulnerabilityEPSS 0.6%CVE-2024-38016HIGHMicrosoft Office Visio Remote Code Execution VulnerabilityEPSS 0.6%CVE-2023-21893HIGHVulnerability in the Oracle Data Provider for .NET component of Oracle Database Server. Supported versions that are affected are 19c and 2EPSS 0.6%CVE-2024-13110MEDIUMBeijing Yunfan Internet Technology Yunfan Learning Examination System Exam Answer PaperController.java, information disclosureEPSS 0.6%CVE-2025-46566MEDIUMDataease redshift JDBC Connection Remote Code ExecutionEPSS 0.6%CVE-2026-21535HIGHMicrosoft Teams Information Disclosure VulnerabilityEPSS 0.6%