Weaknesses of type CWE-284
4,399 resultsCVE-2024-45130MEDIUMAdobe Commerce | Improper Access Control (CWE-284)EPSS 0.5%CVE-2024-45121MEDIUMAdobe Commerce | Improper Access Control (CWE-284)EPSS 0.5%CVE-2025-69907HIGHAn unauthenticated information disclosure vulnerability exists in Newgen OmniDocs due to missing authentication and access control on the /oEPSS 0.5%CVE-2023-46601CRITICALA vulnerability has been identified in COMOS (All versions). The affected application lacks proper access controls in making the SQLServer cEPSS 0.5%CVE-2024-45129MEDIUMAdobe Commerce | Improper Access Control (CWE-284)EPSS 0.5%CVE-2023-6582MEDIUMElementsKit Lite <= 3.0.3 - Unauthenticated Sensitive Information ExposureEPSS 0.5%CVE-2026-5573MEDIUMTechnostrobe HI-LED-WR120-G2 fs unrestricted uploadEPSS 0.5%CVE-2024-10764MEDIUMCodezips Online Institute Management System save_user.php unrestricted uploadEPSS 0.5%CVE-2024-20315MEDIUMA vulnerability in the access control list (ACL) processing on MPLS interfaces in the ingress direction of Cisco IOS XR Software could allowEPSS 0.5%CVE-2022-47036CRITICALSiklu TG Terragraph devices before approximately 2.1.1 have a hardcoded root password that has been revealed via a brute force attack on an EPSS 0.5%CVE-2024-10765MEDIUMCodezips Online Institute Management System profile.php unrestricted uploadEPSS 0.5%CVE-2022-47558CRITICALImproper Access Control in Ormazabal productsEPSS 0.5%CVE-2025-30698MEDIUMVulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). SEPSS 0.5%CVE-2026-46774CRITICALVulnerability in the Oracle Unified Directory product of Oracle Fusion Middleware (component: OUD Core). Supported versions that are affectEPSS 0.5%CVE-2026-35312CRITICALVulnerability in the Oracle Virtual Directory product of Oracle Fusion Middleware (component: Virtual Directory Server). Supported versionsEPSS 0.5%CVE-2026-46773CRITICALVulnerability in the Oracle Unified Directory product of Oracle Fusion Middleware (component: OUD Core). Supported versions that are affectEPSS 0.5%CVE-2023-21857HIGHVulnerability in the Oracle HCM Common Architecture product of Oracle E-Business Suite (component: Auomated Test Suite). Supported versionsEPSS 0.5%CVE-2023-21851HIGHVulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Marketing Administration). Supported versions that areEPSS 0.5%CVE-2020-25634—A flaw was found in Red Hat 3scale’s API docs URL, where it is accessible without credentials. This flaw allows an attacker to view sensitivEPSS 0.5%CVE-2024-0975MEDIUMWordPress Access Control <= 4.0.13 - Improper Access Control to Sensitive Information Exposure via REST APIEPSS 0.5%