CWE-284
Improper Access Control
The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
5,311 vulnerabilities with CWE-284
CVE-2022-0405
MEDIUM
janeczku/calibre-web <0.6.16 - Info Disclosure
CVSS 4.3
CVE-2022-24731
MEDIUM
Argo CD <2.1.11, 2.2.6, 2.3.0 - Path Traversal
CVSS 6.8
CVE-2022-24730
HIGH
Argo CD <2.1.11, 2.2.6, 2.3.0 - Path Traversal
CVSS 7.7
CVE-2022-25481
HIGH
ThinkPHP Framework 5.0.24 - Unauthenticated Information Exposure via PATHINFO Misconfiguration
CVSS 7.5
CVE-2022-23730
CRITICAL
LG webOS >=4.0 - Improper Access Control via Public API Error
CVSS 9.8
CVE-2022-25824
MEDIUM
BixbyTouch < 2.2.00.6 - Unauthenticated Arbitrary URL and Local File Load in WebView
CVSS 4.0
CVE-2022-24930
MEDIUM
Wear OS 3.0 - Unauthenticated Improper Access Control in StRetailModeReceiver
CVSS 4.4
CVE-2022-26317
MEDIUM
Mendix Applications <7.23.29 - Info Disclosure
CVSS 6.5
CVE-2022-26313
CRITICAL
Mendix Forgot Password Appstore module - Privilege Escalation
CVSS 9.8
CVE-2022-24309
MEDIUM
Mendix Runtime <7.23.29,8.18.16,9.13 - Info Disclosure
CVSS 6.8
CVE-2022-0824
HIGH
webmin < 1.990 - Improper Access Control to Remote Code Execution
CVSS 8.8
CVE-2022-21706
HIGH
Zulip Server 2.0.0-4.10.0 - Insufficient Access Control via Multi-Use Invitations
CVSS 7.2
CVE-2022-0732
HIGH
1byte copy9 - Unauthenticated Insecure Direct Object Reference
CVSS 7.5
CVE-2022-0731
MEDIUM
Dolibarr < 16.0 - Improper Access Control
CVSS 6.5
CVE-2022-0727
MEDIUM
GitHub chocobozzz/peertube <4.1.0 - Info Disclosure
CVSS 5.4
CVE-2022-23981
MEDIUM
WordPress Perfect Brands <2.0.4 - Info Disclosure
CVSS 4.3
CVE-2022-24924
LOW
Samsung LiveWallpaperService < 3.0.9.0 - Improper Access Control
CVSS 2.2
CVE-2022-24923
MEDIUM
Samsung SearchWidget < 2.3.00.6 - Improper Access Control
CVSS 4.0
CVE-2022-23997
MEDIUM
Wear OS 3.0 <Feb-2022 - Privilege Escalation
CVSS 4.0
CVE-2022-23996
MEDIUM
Wear OS 3.0 <Feb-2022 - Privilege Escalation
CVSS 4.0
CVE-2022-23995
MEDIUM
Wear OS 3.0 <Feb-2022 - Privilege Escalation
CVSS 4.0
CVE-2022-23994
LOW
Samsung Wear OS < 3.0 - Improper Access Control in StBedtimeModeReceiver
CVSS 3.3
CVE-2022-23433
MEDIUM
Samsung Reminder < 12.3.01.3000 - Improper Access Control
CVSS 4.3
CVE-2022-21825
HIGH
Citrix Workspace App for Linux 2012-2111 - Local Privilege Escalation via App Protection
CVSS 7.8
CVE-2022-21816
MEDIUM
NVIDIA vGPU < 2022 and Virtual GPU 8.0-8.10 - Denial of Service via GPU Interrupt Storm
CVSS 5.5
Details
Vulnerabilities
5,311