Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-284

CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

5,300 vulnerabilities with CWE-284

CVE-2024-21112 HIGH

Oracle VM VirtualBox < 7.0.16 - Authenticated Remote Code Execution

CVE-2024-21110 HIGH

Oracle VM VirtualBox < 7.0.16 - Authenticated Remote Code Execution via Core Component

CVE-2024-21107 MEDIUM

Oracle VM VirtualBox < 7.0.16 - Authenticated Privilege Escalation in Core Component

CVE-2024-21103 HIGH

Oracle VM VirtualBox < 7.0.16 - Authenticated Privilege Escalation

CVE-2024-21091 MEDIUM

Oracle Agile Product Lifecycle Management for Process 6.2.4.2 - Unauthorized Data Access via Data Import

CVE-2024-21084 MEDIUM

Oracle BI Publisher 7.0.0.0.0 and 12.2.1.4.0 - Unauthenticated Unauthorized Data Access via Service Gateway

CVE-2024-21076 HIGH

Oracle Trade Management 12.2.3-12.2.13 - Unauthenticated Unauthorized Data Access via Offer LOV

CVE-2024-21074 HIGH

Oracle Trade Management 12.2.3-12.2.13 - Unauthenticated Improper Access Control in Finance LOV

CVE-2024-21071 CRITICAL

Oracle Workflow 12.2.3-12.2.13 - Authenticated Remote Code Execution via Admin Screens and Grants UI

CVE-2024-21067 HIGH

Oracle Enterprise Manager Base Platform 13.5.0.0 - Authenticated Privilege Escalation in Host Management

CVE-2024-20992 MEDIUM

Oracle WebCenter Portal 12.2.1.4.0 - Unauthorized Data Access via Content Integration

CVE-2024-24487 MEDIUM

Silex Technology DS-600 <1.4.1 - DoS

CVE-2024-24486 CRITICAL

Silex Technology DS-600 Firmware 1.4.1 - Unauthorized Device Settings Modification

CVE-2024-24485 HIGH

Silex Technology DS-600 Firmware <1.4.1 - Info Disclosure

CVE-2024-29843 HIGH

Evolution Controller <2.04.560.31.03.2024 - Info Disclosure

CVE-2024-29842 HIGH

Evolution Controller <2.04.560.31.03.2024 - Info Disclosure

CVE-2024-29841 HIGH

Evolution Controller <2.04.560.31.03.2024 - Info Disclosure

CVE-2024-29840 HIGH

Evolution Controller <2.04.560.31.03.2024 - Info Disclosure

CVE-2024-29839 HIGH

Evolution Controller <2.04.560.31.03.2024 - Info Disclosure

CVE-2024-29837 HIGH

Evolution Controller <2.04.560.31.03.2024 - Info Disclosure

CVE-2024-29836 CRITICAL

Evolution Controller <2.04.560.31.03.2024 - Info Disclosure

CVE-2024-3765 CRITICAL

Sofia Service - Improper Access Controls

CVE-2024-25852 HIGH

Linksys RE7000 - Command Injection

CVE-2024-2217 HIGH

gaizhenbiao/chuanhuchatgpt - Info Disclosure

CVE-2024-2731 MEDIUM

Mautic <= 4.4.9 - Information Disclosure

Previous Page 108 of 212 Next

Details

Vulnerabilities 5,300

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy