CWE-284
Improper Access Control
The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
5,309 vulnerabilities with CWE-284
CVE-2022-3263
HIGH
Measuresoft ScadaPro Server <6.7 - Privilege Escalation
CVSS 7.8
CVE-2022-32848
MEDIUM
macOS 11.0-11.6.7 - Unprotected User Screen Capture
CVSS 5.5
CVE-2022-32800
MEDIUM
macOS - Unprotected File System Modification via Improper Access Control
CVSS 5.5
CVE-2022-32789
MEDIUM
macOS 12.0-12.4 - Privacy Preferences Bypass via Logic Issue
CVSS 5.5
CVE-2022-32783
MEDIUM
macOS 12.0-12.3 - Unauthorized Bluetooth Access via Logic Issue
CVSS 5.5
CVE-2022-32226
MEDIUM
Rocket.Chat < 4.7.5 - Improper Access Control via MongoDB Query Operator Injection
CVSS 4.3
CVE-2022-35621
MEDIUM
EvohClaimable NFT Contract - Fraudulent NFT Transfers via Access Control Failure
CVSS 5.3
CVE-2022-41235
MEDIUM
Jenkins WildFly Deployer Plugin <1.0.2 - Info Disclosure
CVSS 5.3
CVE-2022-32883
MEDIUM
iPadOS < 15.7 - Unauthorized Sensitive Location Information Access
CVSS 5.5
CVE-2022-32880
MEDIUM
macOS 12.0.0-12.4 - Unprotected User Data Exposure via Improper Access Control
CVSS 6.5
CVE-2022-32872
LOW
iPadOS < 15.7 - Unprotected Photo Access from Lock Screen
CVSS 2.4
CVE-2022-0143
CRITICAL
LDAP connector <1.5.20.9 - Unauthenticated Access
CVSS 9.3
CVE-2022-2995
HIGH
CRI-O < 1.25.0 - Improper Access Control via Supplementary Groups Handling
CVSS 7.1
CVE-2022-23768
HIGH
NIS-HAP11AC Firmware - Unauthenticated Remote Code Execution via Exposed Telnet Port
CVSS 8.8
CVE-2022-28758
HIGH
Zoom On-Premise Meeting Connector MMR <4.8.20220815.130 - Info Disc...
CVSS 8.2
CVE-2022-3182
HIGH
Devolutions Remote Desktop Manager < 2022.2.15 - Improper Access Control via Duo SMS Two-Factor Bypass
CVSS 7.0
CVE-2022-3027
MEDIUM
Contec CMS8000 Patient Monitor Firmware - Malicious SSID File Write
CVSS 5.7
CVE-2022-36385
MEDIUM
ContecHealth CMS8000 Firmware - Unauthenticated Firmware Modification via USB Drive
CVSS 6.8
CVE-2022-38466
HIGH
CoreShield OWG <V2.2 - Privilege Escalation
CVSS 7.8
CVE-2022-36875
MEDIUM
Samsung Galaxy Watch Plugin < 2.2.11.22081151 - Improper Access Control via SaWebViewRelayActivity Intent Broadcast
CVSS 6.6
CVE-2022-36869
MEDIUM
Samsung Contacts Provider < 12.7.59 - Improper Access Control in ContactsDumpActivity
CVSS 6.6
CVE-2022-36867
MEDIUM
Samsung Editor Lite < 4.0.40.14 - Improper Access Control
CVSS 5.9
CVE-2022-36866
MEDIUM
Samsung Group Sharing < 13.0.6.15 - Improper Access Control in Broadcaster
CVSS 4.0
CVE-2022-36865
MEDIUM
Samsung Group Sharing < 13.0.6.15 - Improper Access Control
CVSS 4.0
CVE-2022-36864
MEDIUM
Samsung Email < 6.1.70.20 - Improper Access Control and Intent Redirection
CVSS 4.0
Details
Vulnerabilities
5,309