Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-284

CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

5,306 vulnerabilities with CWE-284

CVE-2023-27509 MEDIUM

Intel ISPC Software Installer < 1.19.0 - Authenticated Privilege Escalation via Local Access

CVE-2023-27391 MEDIUM

Intel oneAPI Toolkit < 2023.1 - Privilege Escalation via Improper Access Control

CVE-2023-25775 MEDIUM

Intel Ethernet Controller RDMA Driver for Linux < 1.9.30 - Unauthenticated Privilege Escalation via Network Access

CVE-2023-25773 HIGH

Intel Unite Hub < 4.2.34962 - Authenticated Privilege Escalation via Local Access

CVE-2023-25757 HIGH

Intel Unison < 10.12 - Privilege Escalation via Network Access

CVE-2023-23908 MEDIUM

Intel Xeon Scalable - Info Disclosure

CVE-2023-35179 HIGH

SolarWinds Serv-U 15.4 - Authenticated Multi-Factor Authentication Bypass

CVE-2023-39963 HIGH

Nextcloud Server 20.0.0-27.0.1 - Unauthenticated App Password Creation via Stolen Session

CVE-2023-39962 HIGH

Nextcloud Server Improper Access Control in External Storage Deletion

CVE-2023-39961 LOW

Nextcloud Server 24.0.4-24.0.12.4, 25.0.0-25.0.8, 26.0.0-26.0.3, 27.0.0 - Improper Access Control

CVE-2023-39959 LOW

Nextcloud Server 25.0.0-25.0.8 - Unauthenticated Information Disclosure via DAV Request

CVE-2023-39952 MEDIUM

Nextcloud Server 22.0.0-27.0.0 - Improper Access Control in Groupfolder Subfolder Permissions

CVE-2023-38167 HIGH

Microsoft Dynamics 365 Business Central - Elevation of Privilege

CVE-2023-36890 MEDIUM

Microsoft SharePoint Server - Info Disclosure

CVE-2023-36889 MEDIUM

Microsoft Windows Group Policy - Security Feature Bypass

CVE-2023-39349 HIGH

Sentry 22.1.0-23.7.1 - Authenticated Token Scope Escalation via API Token Query

CVE-2023-4183 MEDIUM

Inventory Management System 1.0 - Improper Access Control in Password Handler

CVE-2023-4169 MEDIUM

Ruijie RG-EW1200G 1.0(1)B1P5 - Improper Access Control in Administrator Password Handler

CVE-2023-37478 HIGH

pnpm < 7.33.4 - Improper Access Control via Tarball Parsing

CVE-2023-3786 MEDIUM

Aures Komet < 20230509 - Improper Access Control in Kiosk Mode

CVE-2023-22014 HIGH

Oracle PeopleSoft Enterprise PeopleTools 8.59 and 8.60 - Unauthenticated Remote Code Execution in Portal

CVE-2023-37267 HIGH

Umbraco CMS 10.0.0-10.6.0 - Unauthenticated Privilege Escalation to Admin

CVE-2023-29298 HIGH KEV

Adobe ColdFusion <2018u16, 2021u6, 2023.0.0.330468 - Security Featu...

CVE-2023-33155 HIGH

Windows Cloud Files Mini Filter Driver - Privilege Escalation

CVE-2023-29130 CRITICAL

SIMATIC CN 4100 <V2.5 - Privilege Escalation

Previous Page 129 of 213 Next

Details

Vulnerabilities 5,306

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy