Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-284

CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

5,300 vulnerabilities with CWE-284

CVE-2024-0712 HIGH

Byzoro Smart S150 Management Platform V31R02B15 - Info Disclosure

CVE-2024-22415 HIGH

jupyter-lsp < 2.2.2 - Unauthenticated Improper Access Control

CVE-2024-0642 CRITICAL

C21 Live Encoder & Live Mosaic <5.3 - Privilege Escalation

CVE-2024-22407 MEDIUM

Shopware <6.5.7.4 - Privilege Escalation

CVE-2024-20969 MEDIUM

MySQL Server 8.0.0-8.0.35 and 8.2.0 - Authenticated Denial of Service and Unauthorized Data Modification via DDL

CVE-2024-20952 HIGH

Oracle Openjdk < 11.0.24 - Improper Access Control

CVE-2024-20948 MEDIUM

Oracle Knowledge Management 12.2.3-12.2.13 - Unauthenticated Improper Access Control via HTTP

CVE-2024-20938 MEDIUM

Oracle iStore 12.2.3-12.2.13 - Unauthenticated Improper Access Control via HTTP

CVE-2024-20936 MEDIUM

Oracle One-to-One Fulfillment 12.2.3-12.2.13 - Unauthenticated Improper Access Control in Documents Component

CVE-2024-20932 HIGH

Oracle GraalVM 17.0.9 and GraalVM Enterprise Edition 21.3.8, 22.3.4 - Unauthenticated Improper Access Control

CVE-2024-20926 MEDIUM

Oracle GraalVM - Unauthenticated Improper Access Control

CVE-2024-20918 HIGH

Oracle GraalVM 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1 - Unauthenticated Improper Access Control via Hotspot

CVE-2024-20916 HIGH

Oracle Enterprise Manager Base Platform 13.5.0.0 - Unauthorized Data Access and Partial DoS

CVE-2024-20912 LOW

Oracle Audit Vault and Database Firewall 20.1-20.9 - Authenticated Unauthorized Data Manipulation via Oracle Net

CVE-2024-0570 HIGH

Totolink N350RT 9.3.5u.6265 - Improper Access Controls

CVE-2024-22209 MEDIUM

Open edX Platform - Info Disclosure

CVE-2024-22206 CRITICAL

Clerk <4.29.2 - Privilege Escalation

CVE-2024-21589 HIGH

Juniper Paragon Active Assurance Control Center 3.1.0-3.4.0 - Unauthenticated Sensitive Data Exposure via Report Access

CVE-2024-20675 MEDIUM

Microsoft Edge - Privilege Escalation

CVE-2024-0415 MEDIUM

DeShang DSMall < 6.1.0 - Improper Access Control in Image URL Handler

CVE-2024-0414 MEDIUM

DeShang DSCMS <= 3.1.2 - Improper Access Control in Install Script

CVE-2024-0413 MEDIUM

DeShang DSKMS < 3.1.2 - Improper Access Control in Install Script

CVE-2024-0412 MEDIUM

DeShang DSShop <= 3.1.0 - Improper Access Control in HTTP GET Request Handler

CVE-2024-0411 MEDIUM

DeShang DSMall < 6.1.0 - Improper Access Control in HTTP GET Request Handler

CVE-2024-21667 MEDIUM

pimcore customer_management_framework < 4.0.6 - Authenticated Improper Access Control in GDPR Data Extraction

Previous Page 115 of 212 Next

Details

Vulnerabilities 5,300

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy