Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-284

CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

5,303 vulnerabilities with CWE-284

CVE-2023-32544 HIGH

Intel NUC P14E Laptop Element < 1.1.45 - Authenticated Denial of Service via HotKey Services Installer

CVE-2023-47034 HIGH

UniswapFrontRunBot - Improper Access Control

CVE-2023-20260 MEDIUM

Cisco Prime Infrastructure - Privilege Escalation

CVE-2023-21901 HIGH

Oracle Financial Services Analytical Apps <8.1.2 - RCE

CVE-2023-52105 HIGH

Huawei HarmonyOS - Privilege Escalation

CVE-2023-52099 HIGH

Huawei EMUI and HarmonyOS - Improper Access Control in NMS Module

CVE-2023-52114 HIGH

Huawei EMUI and HarmonyOS - Data Confidentiality Vulnerability in ScreenReader Module

CVE-2023-51070 HIGH

QStar Archive Solutions <RELEASE_3-0 Build 7 Patch 0 - Info Disclosure

CVE-2023-51065 HIGH

QStar Archive Solutions <RELEASE_3-0 Build 7 Patch 0 - Info Disclosure

CVE-2023-49099 LOW

Discourse < 3.1.4 - Unauthenticated Secure Upload URL Access

CVE-2023-49098 LOW

Discourse-reactions - Info Disclosure

CVE-2023-51751 MEDIUM

ScaleFusion 10.5.2 - Info Disclosure

CVE-2023-50159 HIGH

ScaleFusion 10.5.2 - Kiosk Mode Bypass via File Explorer Launch

CVE-2023-6582 MEDIUM

ElementsKit Elementor addons <3.0.3 - Info Disclosure

CVE-2023-28197 LOW

macOS < 11.7.5 - Unprotected User Data Exposure via Sandbox Restriction Bypass

CVE-2023-46712 HIGH

Fortinet FortiPortal <7.0.6, <7.2.1 - Privilege Escalation

CVE-2023-41603 MEDIUM

D-Link R15 <v1.08.02 - Info Disclosure

CVE-2023-7223 MEDIUM

Totolink T6 4.1.9cu.5241_B20210923 - Improper Access Control via cstecgi.cgi topicurl Parameter

CVE-2023-49961 HIGH

WALLIX Bastion 7.x-10.x and Access Manager 3.x-4.x - Improper Access Control

CVE-2023-29051 HIGH

OX App Suite < 7.10.6 - Unauthenticated Improper Access Control via User-Defined OXMF Templates

CVE-2023-6733 MEDIUM

WP-Members Membership Plugin <= 3.4.8 - Authenticated Sensitive Information Exposure via wpmem_field Shortcode

CVE-2023-50344 MEDIUM

HCL DRYiCE MyXalytics - Unauthenticated File Download via Improper Access Control

CVE-2023-50343 HIGH

HCL DRYiCE MyXalytics - Authenticated Improper Access Control via Controller APIs

CVE-2023-50341 HIGH

HCL DRYiCE MyXalytics - Improper Access Control via Obsolete Web Pages

CVE-2023-50333 LOW

Mattermost < 8.1.7 - Improper Access Control via Session Permission Update

Previous Page 121 of 213 Next

Details

Vulnerabilities 5,303

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy