Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-284

CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

5,300 vulnerabilities with CWE-284

CVE-2024-33027 HIGH

Qualcomm 315 5G IoT Modem Firmware - Memory Corruption via GPU Page Table Manipulation

CVE-2024-41518 HIGH

Feripro <= 2.2.3 - Unauthenticated Information Disclosure via Admin Statistics Export

CVE-2024-41926 LOW

Mattermost 9.5.0-9.5.6 and 9.9.0 - Improper Access Control via RemoteId Spoofing

CVE-2024-41162 MEDIUM

Mattermost 9.5.0-9.5.6 9.7.0-9.7.5 9.8.0-9.8.1 9.9.0 - Unauthenticated Channel Modification via Shared Channels

CVE-2024-41144 MEDIUM

Mattermost Server < 9.5.7 - Improper Access Control

CVE-2024-39839 MEDIUM

Mattermost 9.5.0-9.5.6, 9.7.0-9.7.5, 9.8.0-9.8.1, 9.9.0 - Improper Access Control in Shared Channels

CVE-2024-39837 LOW

Mattermost 9.5.0-9.5.6 and 9.9.0 - Unauthenticated Arbitrary Channel Creation via Shared Channels

CVE-2024-39777 HIGH

Mattermost 9.5.0-9.5.6 9.7.0-9.7.5 9.8.0-9.8.1 9.9.0 - Improper Access Control via Shared Channel Invite

CVE-2024-39274 HIGH

Mattermost 9.5.0-9.5.6 9.7.0-9.7.5 9.8.0-9.8.1 9.9.0 - Improper Access Control in Shared Channel Validation

CVE-2024-36492 HIGH

Mattermost <9.9.0-9.8.1 - Privilege Escalation

CVE-2024-29977 LOW

Mattermost 9.5.0-9.5.6 and 9.9.0 - Improper Access Control for Synced Reactions

CVE-2024-5331 MEDIUM

Breakdance <1.7.2 - Info Disclosure

CVE-2024-38909 CRITICAL

Studio 42 elFinder 2.1.64 - Improper Access Control via File Copy

CVE-2024-40822 LOW

iPadOS < 16.7.9 and 17.6 - Unauthenticated Contacts Access from Lock Screen

CVE-2024-40812 HIGH

iPadOS < 16.7.9 - Improper Access Control via Shortcut Internet Permission Bypass

CVE-2024-40786 HIGH

iPadOS < 16.7.9 - Unauthorized Sensitive Information Exposure

CVE-2024-28805 CRITICAL

Italtel i-MCS NFV 12.1.0-20211215 - Improper Access Control

CVE-2024-6727 MEDIUM

Delphix Data Control Tower (DCT) < 19.0.0 - Broken Authentication via Enable-Scale-Testing Functionality

CVE-2024-7154 MEDIUM

TOTOLINK A3700R 9.1.2u.5822_B20200513 - Improper Access Control in Password Reset Handler

CVE-2024-40117 CRITICAL

Solar-Log <v2.8.2 - Privilege Escalation

CVE-2024-41806 MEDIUM

Open edX Platform - Info Disclosure

CVE-2024-7057 MEDIUM

GitLab 16.7-17.0.4, 17.1-17.1.2, 17.2 - Information Disclosure via Job Artifacts

CVE-2024-36535 CRITICAL

meshery <0.7.51 - Privilege Escalation

CVE-2024-36537 HIGH

cert-manager <1.14.4 - Privilege Escalation

CVE-2024-38164 CRITICAL

GroupMe - Unauthenticated Privilege Escalation via Malicious Link

Previous Page 101 of 212 Next

Details

Vulnerabilities 5,300

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy