Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-284

CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

5,306 vulnerabilities with CWE-284

CVE-2023-25161 LOW

Nextcloud Server < 23.0.12, 24.0.8, 25.0.1 - Denial of Service via Password Reset Rate Limit Bypass

CVE-2023-25159 LOW

Nextcloud Server 24.0.4-24.0.7 and 25.0.0 - Improper Access Control in Preview Watermark

CVE-2023-0661 MEDIUM

Devolutions Server 2022.3.1.0-2022.3.10.0 - Authenticated Improper Access Control

CVE-2023-24688 MEDIUM

mojoportal 2.7.0.0 - Unauthenticated User Registration Bypass

CVE-2023-21447 MEDIUM

Samsung Cloud < 5.3.0.32 - Improper Access Control via Implicit Intent

CVE-2023-21445 MEDIUM

Samsung Android MyFiles < 12.2.09/13.1.03.501/14.1.00.422 - Unauthenticated Arbitrary File Write via Implicit Intent

CVE-2023-21442 MEDIUM

Samsung Android Runestone < 2.9.09.003 (R) and < 3.2.01.007 (S) - Unauthenticated Device Location Information Disclosure

CVE-2023-21438 LOW

Samsung Android - Improper Access Control in HomeScreen

CVE-2023-21427 MEDIUM

Samsung Android - Improper Access Control in NfcTile

CVE-2023-25150 MEDIUM

Nextcloud richdocuments < 3.8.7 - Improper Access Control via Collabora Integration

CVE-2023-0744 CRITICAL

answerdev/answer < 1.0.4 - Account Takeover via Improper Access Control

CVE-2023-23615 MEDIUM

Discourse < 3.0.0 - Unauthenticated Topic Creation via Embeddable Comments

CVE-2023-24425 MEDIUM

Jenkins Kubernetes Credentials Provider Plugin <1.208 - Privilege E...

CVE-2023-24022 CRITICAL

Baicells Nova - Hardcoded Credentials

CVE-2023-0451 HIGH

Econolite EOS < 3.2.23 - Unauthenticated Sensitive Information Exposure via Log and Configuration Files

CVE-2023-22960 HIGH

Lexmark B2236 Firmware < mslsg.081.233 - Improper Access Control

CVE-2023-24058 MEDIUM

Booked Scheduler <2.5.5 - Privilege Escalation

CVE-2023-24028 CRITICAL

MISP <2.4.167 - Privilege Escalation

CVE-2023-22339 HIGH

CONPROSYS HMI System <3.4.5 - Auth Bypass

CVE-2023-21860 MEDIUM

Oracle MySQL <7.4.38, <7.5.28, <7.6.24, <8.0.31 - Privilege Escalation

CVE-2023-21894 HIGH

Oracle Fusion Middleware <13.9.4.2.11 - Privilege Escalation

CVE-2023-21893 HIGH

Oracle Data Provider for .NET <21c - RCE

CVE-2023-21857 HIGH

Oracle E-Business Suite <12.2.13 - RCE

CVE-2023-21855 HIGH

Oracle Sales for Handhelds <12.2.12 - Unauthorized Access

CVE-2023-21854 HIGH

Oracle E-Business Suite <12.2.13 - Unauthenticated RCE

Previous Page 136 of 213 Next

Details

Vulnerabilities 5,306

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy