Vulnerabilities > Insufficient Granularity of Access Control

DATE	CVE	VULNERABILITY TITLE	RISK
2025-05-13	CVE-2025-32703	Insufficient granularity of access control in Visual Studio allows an authorized attacker to disclose information locally. local low complexity CWE-1220	5.5
2025-04-07	CVE-2024-33058	Memory corruption while assigning memory from the source DDR memory(HLOS) to ADSP. local high complexity CWE-1220	7.5
2025-02-26	CVE-2025-20111	A vulnerability in the health monitoring diagnostics of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an unauthenticated, adjacent attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to the incorrect handling of specific Ethernet frames. low complexity CWE-1220	7.4
2024-09-13	CVE-2024-6867	Insufficient Granularity of Access Control vulnerability in Lunary 1.4.9 An information disclosure vulnerability exists in the lunary-ai/lunary, specifically in the `runs/{run_id}/related` endpoint. network low complexity lunary CWE-1220	6.5
2023-08-11	CVE-2023-39418	Insufficient Granularity of Access Control vulnerability in multiple products A vulnerability was found in PostgreSQL with the use of the MERGE command, which fails to test new rows against row security policies defined for UPDATE and SELECT. network low complexity postgresql redhat debian CWE-1220	4.3