Vulnerabilities (CVE)

Filtered by CWE-284
Total 4435 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-45121 1 Adobe 3 Commerce, Commerce B2b, Magento 2026-06-17 N/A 4.3 MEDIUM
Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on integrity. Exploitation of this issue does not require user interaction.
CVE-2024-45118 1 Adobe 3 Commerce, Commerce B2b, Magento 2026-06-17 N/A 6.5 MEDIUM
Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have high impact on integrity. Exploitation of this issue does not require user interaction.
CVE-2024-44915 1 Irfanview 1 Exr 2026-06-17 N/A 5.5 MEDIUM
An issue in the component EXR!ReadEXR+0x4eef0 of Irfanview v4.67.1.0 allows attackers to cause an access violation via a crafted EXR file. This vulnerability can lead to a Denial of Service (DoS).
CVE-2024-44914 1 Irfanview 1 Exr 2026-06-17 N/A 5.5 MEDIUM
An issue in the component EXR!ReadEXR+0x3df50 of Irfanview v4.67.1.0 allows attackers to cause an access violation via a crafted EXR file. This vulnerability can lead to a Denial of Service (DoS).
CVE-2024-44913 1 Irfanview 1 Exr 2026-06-17 N/A 5.5 MEDIUM
An issue in the component EXR!ReadEXR+0x40ef1 of Irfanview v4.67.1.0 allows attackers to cause an access violation via a crafted EXR file. This vulnerability can lead to a Denial of Service (DoS).
CVE-2024-44860 1 Solvait 1 Solvait 2026-06-17 N/A 7.5 HIGH
An information disclosure vulnerability in the /Letter/PrintQr/ endpoint of Solvait v24.4.2 allows attackers to access sensitive data via a crafted request.
CVE-2024-44571 1 Relyum 2 Rely-pcie, Rely-pcie Firmware 2026-06-17 N/A 8.8 HIGH
RELY-PCIe v22.2.1 to v23.1.0 was discovered to contain incorrect access control in the mService function at phpinf.php.
CVE-2024-44313 1 Tastyigniter 1 Tastyigniter 2026-06-17 N/A 8.1 HIGH
TastyIgniter 3.7.6 contains an Incorrect Access Control vulnerability in the invoice() function within Orders.php which allows unauthorized users to access and generate invoices due to missing permission checks.
CVE-2024-44303 1 Apple 1 Macos 2026-06-17 N/A 7.5 HIGH
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.1. A malicious application may be able to modify protected parts of the file system.
CVE-2024-44271 1 Apple 1 Macos 2026-06-17 N/A 3.3 LOW
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.2. An app may be able to record the screen without an indicator.
CVE-2024-44219 1 Apple 1 Macos 2026-06-17 N/A 7.5 HIGH
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.1. A malicious application with root privileges may be able to access private information.
CVE-2024-44210 1 Apple 1 Macos 2026-06-17 N/A 3.3 LOW
This issue was addressed with improved permissions checking. This issue is fixed in macOS Sequoia 15.1. An app may be able to access user-sensitive data.
CVE-2024-43813 1 Mattermost 1 Mattermost 2026-06-17 N/A 4.3 MEDIUM
Mattermost versions 9.5.x <= 9.5.7, 9.10.x <= 9.10.0 fail to enforce proper access controls which allows any authenticated user, including guests, to mark any channel inside any team as read for any user.
CVE-2024-43780 1 Mattermost 1 Mattermost Server 2026-06-17 N/A 4.3 MEDIUM
Mattermost versions 9.9.x <= 9.9.1, 9.5.x <= 9.5.7, 9.10.0, 9.8.x <= 9.8.2 fail to enforce permissions which allows a guest user with read access to upload files to a channel.
CVE-2024-43717 1 Adobe 1 Experience Manager 2026-06-17 N/A 4.3 MEDIUM
Adobe Experience Manager versions 6.5.21 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on confidentiality. Exploitation of this issue does not require user interaction.
CVE-2024-43716 1 Adobe 1 Experience Manager 2026-06-17 N/A 4.3 MEDIUM
Adobe Experience Manager versions 6.5.21 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on confidentiality. Exploitation of this issue does not require user interaction.
CVE-2024-43600 1 Microsoft 1 Office 2026-06-17 N/A 7.8 HIGH
Microsoft Office Elevation of Privilege Vulnerability
CVE-2024-43594 1 Microsoft 3 System Center 2019, System Center 2022, System Center 2025 2026-06-17 N/A 7.3 HIGH
Microsoft System Center Elevation of Privilege Vulnerability
CVE-2024-43590 1 Microsoft 3 Visual Studio 2017, Visual Studio 2019, Visual Studio 2022 2026-06-17 N/A 7.8 HIGH
Visual C++ Redistributable Installer Elevation of Privilege Vulnerability
CVE-2024-43530 1 Microsoft 5 Windows 10 21h2, Windows 10 22h2, Windows 11 22h2 and 2 more 2026-06-17 N/A 7.8 HIGH
Windows Update Stack Elevation of Privilege Vulnerability