Weaknesses of type CWE-285
1,289 resultsCVE-2022-24894MEDIUMSymfony storing cookie headers in HttpCacheEPSS 0.8%CVE-2021-38486HIGHInHand Networks IR615 RouterEPSS 0.8%CVE-2024-3840MEDIUMInsufficient policy enforcement in Site Isolation in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to bypass navigation resEPSS 0.7%CVE-2019-3641MEDIUMExploitation of Authorization in TIE ServerEPSS 0.7%CVE-2022-4688HIGHImproper Authorization in usememos/memosEPSS 0.7%CVE-2021-42332MEDIUMShinHer Information Co., LTD. ShinHer StudyOnline System - Improper Authorization-3EPSS 0.7%CVE-2025-53792CRITICALAzure Portal Elevation of Privilege VulnerabilityEPSS 0.7%CVE-2024-30260LOWUndici's Proxy-Authorization header not cleared on cross-origin redirect for dispatch, request, stream, pipelineEPSS 0.7%CVE-2020-9061—Z-Wave devices using Silicon Labs 500 and 700 series chipsets, including but not likely limited to the SiLabs UZB-7 version 7.00, ZooZ ZST10EPSS 0.7%CVE-2022-2019HIGHSourceCodester Prison Management System New User Creation improper authorizationEPSS 0.7%CVE-2015-10033LOWjvvlee MerlinsBoard Grade improper authorizationEPSS 0.7%CVE-2024-36467HIGHAuthentication privilege escalation via user groups due to missing authorization checksEPSS 0.7%CVE-2022-0821HIGHImproper Authorization in orchardcms/orchardcoreEPSS 0.7%CVE-2024-21166MEDIUMVulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.36 and prior anEPSS 0.7%CVE-2017-0895—Nextcloud Server before 10.0.4 and 11.0.2 are vulnerable to disclosure of calendar and addressbook names to other logged-in users. Note thatEPSS 0.7%CVE-2026-33105CRITICALMicrosoft Azure Kubernetes Service Elevation of Privilege VulnerabilityEPSS 0.7%CVE-2026-33823CRITICALMicrosoft Team Events Portal Information Disclosure VulnerabilityEPSS 0.7%CVE-2019-10159MEDIUMcfme-gemset versions 5.10.4.3 and below, 5.9.9.3 and below are vulnerable to a data leak, due to an improper authorization in the migration EPSS 0.7%CVE-2024-24830CRITICALOpenObserve Privilege Escalation Vulnerability in Users APIEPSS 0.7%CVE-2020-36729MEDIUMSlideshow, Image Slider by 2J <= 1.3.31 - Authorization BypassEPSS 0.7%