Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-284

CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

5,306 vulnerabilities with CWE-284

CVE-2023-24490 MEDIUM

Citrix Virtual Apps and Desktops < 2305 - Improper Access Control

CVE-2023-24489 CRITICAL KEV

Citrix ShareFile Storage Zones Controller - Unauthenticated Remote Compromise

CVE-2023-24486 MEDIUM

Citrix Workspace app for Linux - Privilege Escalation

CVE-2023-3273 HIGH

SICK ICR890-4 Firmware < 2.5.0 - Unauthenticated Improper Access Control

CVE-2023-3271 HIGH

SICK ICR890-4 Firmware < 2.5.0 - Unauthenticated Information Disclosure via REST API

CVE-2023-35940 HIGH

GLPI 9.5.0-10.0.8 - Unauthenticated Dashboard Data Access via Incorrect Rights Check

CVE-2023-35939 HIGH

GLPI <10.0.8 - Privilege Escalation

CVE-2023-34107 MEDIUM

GLPI 9.2.0-10.0.7 - Authenticated Incorrect Access Control in KnowbaseItems

CVE-2023-34106 MEDIUM

GLPI <10.0.8 - Privilege Escalation

CVE-2023-21518 MEDIUM

SearchWidget <3.3 - Privilege Escalation

CVE-2023-3431 MEDIUM

PlantUML < 1.2023.9 - Improper Access Control

CVE-2023-35927 HIGH

NextCloud Server <26.0.2 - Privilege Escalation

CVE-2023-35173 MEDIUM

Nextcloud End-to-end Encryption 1.12.0-1.12.3 - Denial of Service via Invalid Metadata File

CVE-2023-35167 MEDIUM

remult < 0.20.6 - Improper Access Control via apiPrefilter Function

CVE-2023-3304 MEDIUM

admidio/admidio <4.2.9 - Info Disclosure

CVE-2023-3303 LOW

admidio/admidio <4.2.9 - Info Disclosure

CVE-2023-1862 HIGH

Cloudflare WARP client <v2023.3.381.0 - Code Injection

CVE-2023-3306 HIGH

Ruijie RG-EW1200G EW_3.0(1)B11P204 - Info Disclosure

CVE-2023-3305 HIGH

C-DATA Web Management System <20230607 - Improper Access Controls

CVE-2023-28810 MEDIUM

Access Control/Intercom < - Info Disclosure

CVE-2023-28809 HIGH

Hikvision Access Control Devices - Session Hijacking via Reused Session ID

CVE-2023-32009 HIGH

Windows Collaborative Translation Framework - Privilege Escalation

CVE-2023-24546 HIGH

Arista CloudVision Portal - Info Disclosure

CVE-2023-2159 MEDIUM

CMP - Coming Soon & Maintenance Plugin by NiteoThemes <= 4.1.7 - Maintenance Mode Bypass via cmp_bypass Parameter

CVE-2023-2183 MEDIUM

Grafana 8.0.0-8.5.25 - Unauthenticated Test Alert Abuse via API

Previous Page 130 of 213 Next

Details

Vulnerabilities 5,306

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy