Weaknesses of type CWE-285

1,285 results
CVE-2021-35964 [HIGH] Learningdigital.com, Inc. Orca HCM - Broken Authentication (EPSS 1.1%)
CVE-2024-26291 [HIGH] Authenticated Arbitrary File Read affecting Avid NEXIS (EPSS 1.1%)
CVE-2022-38375 [HIGH] An improper authorization vulnerability [CWE-285] in Fortinet FortiNAC version 9.4.0 through 9.4.1 and before 9.2.6 allows an unauthenticat (EPSS 1.1%)
CVE-2023-30467 [HIGH] Improper Authorization Vulnerability in Milesight Network Video Recorder (NVR) (EPSS 1.1%)
CVE-2022-2595 [CRITICAL] Improper Authorization in kromitgmbh/titra (EPSS 1.1%)
CVE-2019-14883 [LOW] A vulnerability was found in Moodle 3.6 before 3.6.7 and 3.7 before 3.7.3, where tokens used to fetch inline attachments in email notificatio (EPSS 1.1%)
CVE-2017-1002151 Pagure 3.3.0 and earlier is vulnerable to loss of confidentiality due to improper authorization (EPSS 1.1%)
CVE-2020-15084 [HIGH] Authorization bypass in express-jwt (EPSS 1.1%)
CVE-2020-15087 [HIGH] Privilege escalation in Presto (EPSS 1.1%)
CVE-2022-39322 [CRITICAL] @keystone-6/core vulnerable to field-level access-control bypass for multiselect field (EPSS 1.1%)
CVE-2019-6582 A vulnerability has been identified in Siveillance VMS 2017 R2 (All versions < V11.2a), Siveillance VMS 2018 R1 (All versions < V12.1a), Siv (EPSS 1.1%)
CVE-2020-10517 Improper access control in GitHub Enterprise Server leading to the enumeration of private repository names (EPSS 1.1%)
CVE-2018-14666 [MEDIUM] An improper authorization flaw was found in the Smart Class feature of Foreman. An attacker can use it to change configuration of any host r (EPSS 1.0%)
CVE-2019-3849 [MEDIUM] A vulnerability was found in Moodle before versions 3.6.3, 3.5.5 and 3.4.8. Users could assign themselves an escalated role within courses o (EPSS 1.0%)
CVE-2023-33142 [MEDIUM] Microsoft SharePoint Server Elevation of Privilege Vulnerability (EPSS 1.0%)
CVE-2019-12635 [MEDIUM] Cisco Content Security Management Appliance Information Disclosure Vulnerability (EPSS 1.0%)
CVE-2024-43729 [MEDIUM] Adobe Experience Manager | Improper Authorization (CWE-285) (EPSS 1.0%)
CVE-2020-2050 [HIGH] PAN-OS: Authentication bypass vulnerability in GlobalProtect SSL VPN client certificate verification (EPSS 1.0%)
CVE-2020-6311 [MEDIUM] Banking services from SAP 9.0 (Bank Analyzer), version - 500, and SAP S/4HANA for financial products subledger, version - 100, does not corr (EPSS 1.0%)
CVE-2022-20921 [HIGH] Cisco ACI Multi-Site Orchestrator Privilege Escalation Vulnerability (EPSS 1.0%)