Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-284

CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

5,306 vulnerabilities with CWE-284

CVE-2023-40730 HIGH

QMS Automotive <V12.39 - Privilege Escalation

CVE-2023-3039 HIGH

SD ROM Utility <1.0.2.0 - Code Injection

CVE-2023-40039 CRITICAL

ARRIS TG852G TG862G TG1672G - Unauthenticated WPA2-PSK Derivation via Beacon Frame

CVE-2023-37759 CRITICAL

Crypto Currency Tracker < 9.5 - Unauthenticated Admin Registration via User Registration Page

CVE-2023-40060 HIGH

SolarWinds Serv-U 15.4-15.4 Hotfix 1 - Authenticated Multi-Factor Authentication Bypass

CVE-2023-36635 HIGH

Fortinet FortiSwitchManager <7.2.2, <7.0.1 - Privilege Escalation

CVE-2023-31242 HIGH

Open Automation Software OAS Platform <18.00.0072 - Auth Bypass

CVE-2023-4696 CRITICAL

memos < 0.13.2 - Improper Access Control

CVE-2023-4650 MEDIUM

instantcms < 2.16.1 - Improper Access Control

CVE-2023-4640 MEDIUM

YugabyteDB Anywhere <2.17.3 - Info Disclosure

CVE-2023-40170 MEDIUM

jupyter_server < 2.7.2 - Improper Access Control in Files Endpoint

CVE-2023-4546 LOW

Byzoro Smart S85F Management Platform <20230816 - Info Disclosure

CVE-2023-40579 MEDIUM

OpenFGA < 1.3.1 - Authorization Bypass via ListObjects API

CVE-2023-40573 CRITICAL

XWiki < 14.10.9 - Remote Code Execution via Scheduled Job Script Injection

CVE-2023-20230 MEDIUM

Cisco Application Policy Infrastructure Controller 5.2-5.2(8d) - Authenticated Improper Access Control

CVE-2023-38132 HIGH

LAN-W451NGR - Unauthenticated Telnet Access via Improper Access Control

CVE-2023-39973 MEDIUM

AcyMailing 6.7.0-8.7.0 - Unauthenticated Improper Access Control

CVE-2023-39972 MEDIUM

AcyMailing 6.7.0-8.7.0 - Unauthenticated Improper Access Control

CVE-2023-36106 HIGH

powerjob < 4.3.2 - Unauthenticated Sensitive Information Exposure via /container/list appId Parameter

CVE-2023-39743 MEDIUM

lzma_software_development_kit 23.01 - Access Violation in bz3_decode_block

CVE-2023-20237 MEDIUM

Cisco Intersight Virtual Appliance - Unauthenticated Access

CVE-2023-20224 HIGH

Cisco ThousandEyes Enterprise Agent - Privilege Escalation

CVE-2023-32609 MEDIUM

Intel Unite < 4.2.3504 - Authenticated Information Disclosure via Local Access

CVE-2023-32285 MEDIUM

Intel NUC BIOS Firmware - Denial of Service via Improper Access Control

CVE-2023-28714 HIGH

Intel PROSet/Wireless <22.220 HF - Privilege Escalation

Previous Page 128 of 213 Next

Details

Vulnerabilities 5,306

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy