Weaknesses of type CWE-284
4,427 resultsCVE-2026-46882CRITICALVulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Enterprise Infrastructure Security). SupportedEPSS 0.5%CVE-2025-1166MEDIUMSourceCodester Food Menu Manager update.php unrestricted uploadEPSS 0.5%CVE-2023-34107MEDIUMGLPI vulnerable to unauthorized access to KnowbaseItem dataEPSS 0.5%CVE-2023-34106MEDIUMGLPI vulnerable to unauthorized access to User dataEPSS 0.5%CVE-2023-29130CRITICALA vulnerability has been identified in SIMATIC CN 4100 (All versions < V2.5). Affected device consists of improper access controls in the coEPSS 0.5%CVE-2026-33318HIGHActual has Privilege Escalation via 'change-password' Endpoint on OpenID-Migrated ServersEPSS 0.5%CVE-2026-28838MEDIUMA permissions issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, maEPSS 0.5%CVE-2024-52514MEDIUMNextcloud Server allows users to copy folder that contain files that are blocked by the files access controlEPSS 0.5%CVE-2025-8379MEDIUMCampcodes Online Hotel Reservation System edit_room.php unrestricted uploadEPSS 0.5%CVE-2024-56330CRITICALSession VNC may be accessed by other sessions on the same host in stardustEPSS 0.5%CVE-2024-13200MEDIUMwander-chu SpringBoot-Blog HTTP POST Request BaseInterceptor.java preHandle access controlEPSS 0.5%CVE-2023-39961LOWText does not respect "Allow download" permissionsEPSS 0.5%CVE-2024-42023HIGHAn improper access control vulnerability allows low-privileged users to execute code with Administrator privileges remotely.EPSS 0.5%CVE-2025-4269MEDIUMTOTOLINK A720R Log cstecgi.cgi access controlEPSS 0.5%CVE-2025-2280HIGHImproper access control in web extension restriction feature in Devolutions Server 2024.3.4.0
and earlier allows an authenticated user to EPSS 0.5%CVE-2024-10965MEDIUMemqx neuron JSON File schema information disclosureEPSS 0.5%CVE-2024-33227HIGHAn issue in the component ddcdrv.sys of Nicomsoft WinI2C/DDC v3.7.4.0 allows attackers to escalate privileges and execute arbitrary code viaEPSS 0.5%CVE-2025-2973MEDIUMcode-projects College Management System student.php unrestricted uploadEPSS 0.5%CVE-2026-2668MEDIUMRongzhitong Visual Integrated Command and Dispatch Platform User add access controlEPSS 0.5%CVE-2024-13210MEDIUMdonglight bookstore电商书城系统说明 AdminBookController. java uploadPicture unrestricted uploadEPSS 0.5%