Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-284

CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

5,300 vulnerabilities with CWE-284

CVE-2024-2019 HIGH

WP-DB-Table-Editor <1.8.4 - Info Disclosure

CVE-2024-23360 HIGH

Qualcomm FastConnect and Snapdragon Firmware - Memory Corruption via LPAC Client Creation

CVE-2024-20065 MEDIUM

Android - Unauthenticated Local Information Disclosure via Telephony Missing Permission Check

CVE-2024-35433 HIGH

ZKTeco ZKBio CVSecurity 6.1.1 - Authenticated Incorrect Access Control

CVE-2024-0434 MEDIUM

WpTravelly <1.7.1 - Info Disclosure

CVE-2024-23315 HIGH

AutomationDirect P3-550E 1.2.10.9 - Unauthenticated Sensitive Information Disclosure via IMM 01A1 Memory Read

CVE-2024-22187 CRITICAL

AutomationDirect P3-550E <1.2.10.9 - Memory Corruption

CVE-2024-5272 MEDIUM

Mattermost 8.1.0-8.1.12 9.5.0-9.5.3 9.6.0-9.6.1 - Improper Access Control in Playbook Run Webhook Event

CVE-2024-5270 MEDIUM

Mattermost 8.1.0-8.1.12, 9.5.0-9.5.3, 9.6.0-9.6.1, 9.7.0-9.7.1 - Improper Access Control via SAML to Email Switch

CVE-2024-36241 LOW

Mattermost <9.5.4, <9.6.2, <8.1.13 - Info Disclosure

CVE-2024-34152 MEDIUM

Mattermost <9.5.4, <9.6.2, <8.1.13 - Info Disclosure

CVE-2024-32045 MEDIUM

Mattermost <9.5.4, <9.6.2, <8.1.13 - Privilege Escalation

CVE-2024-31859 MEDIUM

Mattermost <9.5.4, <9.6.2, <8.1.13 - Privilege Escalation

CVE-2024-29215 MEDIUM

Mattermost <9.5.4, 9.7.2, 9.6.2, 8.1.13 - Info Disclosure

CVE-2024-35396 CRITICAL

TOTOLINK CP900L v4.1.5cu.798_B20221228 - Hardcoded Password for Telnet

CVE-2024-1376 MEDIUM

Event post < 5.9.5 - Authenticated Unauthorized Bulk Metadata Update via save_bulkdatas Function

CVE-2024-35222 MEDIUM

Tauri < 1.6.7 and 2.0.0-beta.0-2.0.0-beta.19 - Improper Access Control via Remote Origin iFrame

CVE-2024-5168 CRITICAL

Prodys' Quantum Audio codec <2.3.4t - Auth Bypass

CVE-2024-26139 HIGH

OpenCTI < 5.12.31 - Authenticated Privilege Escalation via Profile Edit Functionality

CVE-2024-32969 LOW

vantage6 < 4.5.0rc3 - Improper Access Control via Organization Addition

CVE-2024-22026 MEDIUM

EPMM <12.1.0.0 - Privilege Escalation

CVE-2024-27264 HIGH

IBM Performance Tools for i <7.6 - Privilege Escalation

CVE-2024-20261 MEDIUM

Cisco Firepower Threat Defense - Info Disclosure

CVE-2024-33227 HIGH

Nicomsoft WinI2C/DDC <3.7.4.0 - Privilege Escalation

CVE-2024-0453 MEDIUM

WordPress AI ChatBot <5.3.4 - Info Disclosure

Previous Page 105 of 212 Next

Details

Vulnerabilities 5,300

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy