Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-284

CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

5,306 vulnerabilities with CWE-284

CVE-2023-25605 HIGH

Fortinet FortiSOAR 7.3.0-7.3.1 - Authenticated Improper Access Control via Crafted HTTP Requests

CVE-2023-22335 HIGH

Rakuraku PC Cloud Agent < 2.1.8 and SS1 < 13.0.0.40 - Unauthenticated Arbitrary File Read via Improper Access Control

CVE-2023-26474 CRITICAL

XWiki 13.10-13.10.10 - Improper Access Control via Text Area Property Execution

CVE-2023-26473 MEDIUM

XWiki Platform <1.3-rc-1 - Info Disclosure

CVE-2023-26471 CRITICAL

XWiki 11.6-13.10.9 - Authenticated Privilege Escalation via Async Macro

CVE-2023-23508 MEDIUM

macOS 11.0-11.7.2 - Privacy Preferences Bypass via Improper Access Control

CVE-2023-25821 MEDIUM

Nextcloud Server 24.0.4-24.0.6 and 25.0.0 - Improper Access Control via Reshare Permissions

CVE-2023-1007 MEDIUM

Twister Antivirus 8.17 - Improper Access Control in IoControlCode Handler

CVE-2023-0998 MEDIUM

Alphaware Simple E-Commerce System 1.0 - Improper Access Control in Payment Handler

CVE-2023-0963 HIGH

SourceCodester Music Gallery Site 1.0 - Improper Access Control in Users.php POST Request Handler

CVE-2023-24320 CRITICAL

Axcora POS <gitf77ec09 - Command Injection

CVE-2023-22920 CRITICAL

Zyxel LTE3316-M604 V2.00(ABMP.6)C0 - Unauthenticated Remote Access via Telnet Misconfiguration

CVE-2023-0916 MEDIUM

Auto Dealer Management System 1.0 - Improper Access Control in Users.php

CVE-2023-22232 MEDIUM

Adobe Connect <11.4.5, 12.1.5 - Auth Bypass

CVE-2023-23923 HIGH

Moodle < 3.9.19 - Improper Access Control via Start Page Preference

CVE-2023-24485 HIGH

Citrix Workspace app - Privilege Escalation

CVE-2023-24484 MEDIUM

Citrix Workspace < 2212 - Improper Access Control

CVE-2023-23752 MEDIUM KEV

Joomla! 4.0.0-4.2.7 - Unauthenticated Improper Access Control in Webservice Endpoints

CVE-2023-22807 CRITICAL

LS ELECTRIC XBC-DN32U Firmware 01.80 - Improper Access Control via XGT Protocol

CVE-2023-22805 MEDIUM

LS ELECTRIC XBC-DN32U 01.80 - Improper Access Control in Read Prohibition Feature

CVE-2023-20927 HIGH

Android 13 - Local Privilege Escalation via Signature Permission Bypass

CVE-2023-21777 HIGH

Azure App Service on Azure Stack Hub - Privilege Escalation

CVE-2023-21717 HIGH

Microsoft SharePoint Server - Privilege Escalation

CVE-2023-25149 HIGH

TimescaleDB 2.8.0-2.9.2 - Privilege Escalation via Telemetry Job Search Path

CVE-2023-23835 MEDIUM

Mendix <7.23.34, <8.18.23, <9.22.0, <9.12.10, <9.18.4, <9.6.15 - Au...

Previous Page 135 of 213 Next

Details

Vulnerabilities 5,306

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy