Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-284

CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

5,300 vulnerabilities with CWE-284

CVE-2024-0452 MEDIUM

WordPress AI ChatBot <5.3.4 - Info Disclosure

CVE-2024-0451 MEDIUM

WordPress AI ChatBot <5.3.4 - Info Disclosure

CVE-2024-4988 HIGH

TECNO com.transsion.videocallenhancer 1.1.9.973 - Unauthenticated Private File Leakage

CVE-2024-36080 CRITICAL

Westermo EDW-100 through 2024-05-03 - Unauthenticated Hardcoded Root Credentials

CVE-2024-21828 MEDIUM

Intel(R) Ethernet Controller <28.3 - Privilege Escalation

CVE-2024-4263 MEDIUM

mlflow/mlflow <2.10.1 - Info Disclosure

CVE-2024-28087 MEDIUM

Bonita Server < 10.1.0.W11 - Insecure Direct Object Reference via Missing Dynamic Permissions

CVE-2024-34099 HIGH

Acrobat Reader <20.005.30574, 24.002.20736 - RCE

CVE-2024-0437 MEDIUM

Password Protected - Ultimate Plugin <2.6.6 - Info Disclosure

CVE-2024-30059 MEDIUM

Microsoft Intune - Privilege Escalation

CVE-2024-33647 MEDIUM

Polarion ALM <V2404.0 - Info Disclosure

CVE-2024-2749 MEDIUM

VikBooking Hotel Booking Engine & PMS < 1.6.8 - Improper Access Control

CVE-2024-27841 MEDIUM

iOS <17.5- iPadOS <17.5 - macOS Sonoma <14.5 - Info Disclosure

CVE-2024-27803 LOW

iPadOS < 17.5 - Unauthenticated Lock Screen Data Exposure via Shared Items

CVE-2024-27790 HIGH

FileMaker Server <20.3.2 - Auth Bypass

CVE-2024-1230 MEDIUM

SimpleShop <= 2.10.0 - Cross-Site Request Forgery via maybe_disconnect_simpleshop Function

CVE-2024-0025 HIGH

Android - Local Privilege Escalation via ActivityManagerService Logic Error

CVE-2024-29207 HIGH

UniFi Connect <3.7.9 - Info Disclosure

CVE-2024-29206 LOW

UniFi Connect EV Station < 1.2.15 - Authenticated Improper Access Control via ADB Enablement

CVE-2024-23351 HIGH

Qualcomm FastConnect and Flight RB5 5G Firmware - Memory Corruption via LPAC Submissions

CVE-2024-34068 MEDIUM

Pterodactyl Panel <1.11.2 - Auth Bypass

CVE-2024-34404 MEDIUM

Veritas NetBackup <10.4 - Privilege Escalation

CVE-2024-33396 HIGH

karmada-io karmada v1.9.0 and before - Arbitrary Code Execution via Token Component

CVE-2024-1678 MEDIUM

Subway Private Site Option <2.1.4 - Info Disclosure

CVE-2024-1584 MEDIUM

Analytify < 5.2.1 - Unauthenticated Data Modification via wpa_check_authentication

Previous Page 106 of 212 Next

Details

Vulnerabilities 5,300

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy