Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-284

CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

5,309 vulnerabilities with CWE-284

CVE-2022-20918 HIGH

Cisco FirePOWER Software SNMP Info Disclosure via Default Credentials

CVE-2022-25679 MEDIUM

Qualcomm Snapdragon Firmware - Denial of Service via Video Broadcast Receiver

CVE-2022-42126 MEDIUM

Liferay Portal 7.3.5-7.4.3.28 and DXP 7.3-7.4 - Authenticated Improper Access Control in Asset Libraries

CVE-2022-36789 HIGH

Intel NUC 10 Performance Kit and Mini PC Firmware < FNCML357.0053 - Authenticated Privilege Escalation via Local Access

CVE-2022-35276 HIGH

Intel NUC 8 Compute Element Firmware < CBWHL357.0096 - Authenticated Privilege Escalation via Local Access

CVE-2022-43679 MEDIUM

ownCloud Server <=10.11 - Info Disclosure

CVE-2022-39889 MEDIUM

GalaxyWatch4Plugin < 2.2.11.22101351 - Improper Access Control

CVE-2022-39887 MEDIUM

Android - Improper Access Control in MiscPolicy clearAllGlobalProxy

CVE-2022-39884 MEDIUM

Android - Improper Access Control in IImsService

CVE-2022-31687 CRITICAL

VMware Workspace ONE Assist < 22.10 - Unauthenticated Broken Access Control

CVE-2022-27673 HIGH

AMD Link < 5.0.220614 - Information Disclosure via Insufficient Access Controls

CVE-2022-25932 CRITICAL

InRouter302 Firmware < 3.5.56 - Privilege Escalation and Information Disclosure

CVE-2022-42707 HIGH

Mahara 21.04.0-21.04.6, 21.10.0-21.10.4, 22.04.0-22.04.2 - Improper Access Control in Embedded Image Handling

CVE-2022-22442 MEDIUM

IBM InfoSphere Information Server 11.7 - Privilege Escalation

CVE-2022-39370 MEDIUM

GLPI 0.70-10.0.3 - Authenticated Improper Access Control via Update Script Debug Panel

CVE-2022-44622 LOW

JetBrains TeamCity 2021.2-2022.10 - Improper Access Control for Secure Token Health Items

CVE-2022-42814 MEDIUM

macOS < 13.0 - Unprotected User Data Exposure via Logic Issue

CVE-2022-42811 MEDIUM

iPadOS < 16.0 - Unprotected User Data Exposure via Sandbox Restriction Bypass

CVE-2022-32946 MEDIUM

iPadOS < 16.0 - Unauthorized Audio Recording via AirPods

CVE-2022-32918 MEDIUM

iPhone OS < 16.0 and macOS < 13.0 - Privacy Preference Bypass

CVE-2022-32904 MEDIUM

macOS 11.0-11.6 - Unprotected User Data Exposure via Sandbox Restriction Bypass

CVE-2022-3780 HIGH

Remote Desktop Manager < 2022.3.8 - Unauthorized Data Access via Deleted User Database Connections

CVE-2022-42327 HIGH

Xen - Unintended Memory Sharing Between Guests via xAPIC Page Access

CVE-2022-39329 LOW

Nextcloud Server and Nextcloud Enterprise Server < 23.0.9 - Unauthenticated Information Exposure

CVE-2022-33757 MEDIUM

Nessus < 10.2.0 - Authenticated Improper Access Control in Debug Log File Attachments

Previous Page 144 of 213 Next

Details

Vulnerabilities 5,309

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy