CWE-284
Improper Access Control
The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
5,309 vulnerabilities with CWE-284
CVE-2022-36856
MEDIUM
Android Telecom - Unauthenticated Emergency Call Initiation via Improper Access Control
CVSS 4.0
CVE-2022-36851
LOW
Samsung Pass < 4.0.03.1 - Unauthenticated Data Exposure via Unlocked Device State
CVSS 3.9
CVE-2022-20696
HIGH
Cisco SD-WAN vManage - Info Disclosure
CVSS 7.5
CVE-2022-36088
MEDIUM
GoCD <22.2.0 - Privilege Escalation
CVSS 5.0
CVE-2022-21950
MEDIUM
openSUSE Backports SLE-15-SP3/4 - Privilege Escalation
CVSS 5.3
CVE-2022-3065
HIGH
jgraph/drawio <20.2.8 - Info Disclosure
CVSS 7.5
CVE-2022-3019
HIGH
tooljet < 1.23.0 - Improper Access Control via Forgot Password Token
CVSS 8.8
CVE-2022-32834
MEDIUM
macOS - Unprotected User Data Exposure via Sandbox Bypass
CVSS 5.5
CVE-2022-2792
MEDIUM
Emerson Electric's Proficy Machine Edition < 9.0.0 - Improper Access Control in Project Data Directory
CVSS 6.6
CVE-2022-36263
HIGH
StreamLabs Desktop App <1.9.0 - Code Injection
CVSS 7.3
CVE-2022-36024
HIGH
py-cord <2.0.1 - DoS
CVSS 7.5
CVE-2022-34259
MEDIUM
Adobe Commerce <2.4.3-p2, 2.3.7-p3, 2.4.4 - Security Feature Bypass
CVSS 5.3
CVE-2022-34255
HIGH
Adobe Commerce <2.4.3-p2, 2.3.7-p3, 2.4.4 - Privilege Escalation
CVSS 8.8
CVE-2022-37393
HIGH
Zimbra zmslapd arbitrary module load
CVSS 7.8
CVE-2022-38184
HIGH
Portal for ArcGIS <10.8.1 - Info Disclosure
CVSS 7.5
CVE-2022-28754
HIGH
Zoom On-Premise Meeting Connector MMR <4.8.129.20220714 - Privilege...
CVSS 7.1
CVE-2022-28753
HIGH
Zoom On-Premise Meeting Connector MMR <4.8.129.20220714 - Privilege...
CVSS 7.1
CVE-2022-36923
HIGH
Zoho ManageEngine Firewall Analyzer - Unauthenticated API Key Exposure
CVSS 7.5
CVE-2022-20358
LOW
Android - Local Information Disclosure via Missing Permission Check in AbstractThreadedSyncAdapter
CVSS 3.3
CVE-2022-33931
MEDIUM
Dell Wyse Management Suite <3.6.1 - Info Disclosure
CVSS 6.3
CVE-2022-33926
HIGH
Dell Wyse Management Suite <3.6.1 - Info Disclosure
CVSS 7.1
CVE-2022-33925
MEDIUM
Dell Wyse Management Suite <3.6.1 - Auth Bypass
CVSS 6.5
CVE-2022-33924
MEDIUM
Dell Wyse Management Suite <3.6.1 - Privilege Escalation
CVSS 4.3
CVE-2022-2702
HIGH
Company Website CMS - Improper Access Control in Cookie Handler
CVSS 7.3
CVE-2022-27660
HIGH
TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14 - Denial of Service via confctl_set_guest_wlan
CVSS 7.5
Details
Vulnerabilities
5,309