CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

5,311 vulnerabilities with CWE-284
CVE-2022-0405 MEDIUM
janeczku/calibre-web <0.6.16 - Info Disclosure
CVSS 4.3
CVE-2022-24731 MEDIUM
Argo CD <2.1.11, 2.2.6, 2.3.0 - Path Traversal
CVSS 6.8
CVE-2022-24730 HIGH
Argo CD <2.1.11, 2.2.6, 2.3.0 - Path Traversal
CVSS 7.7
CVE-2022-25481 HIGH
ThinkPHP Framework 5.0.24 - Unauthenticated Information Exposure via PATHINFO Misconfiguration
CVSS 7.5
CVE-2022-23730 CRITICAL
LG webOS >=4.0 - Improper Access Control via Public API Error
CVSS 9.8
CVE-2022-25824 MEDIUM
BixbyTouch < 2.2.00.6 - Unauthenticated Arbitrary URL and Local File Load in WebView
CVSS 4.0
CVE-2022-24930 MEDIUM
Wear OS 3.0 - Unauthenticated Improper Access Control in StRetailModeReceiver
CVSS 4.4
CVE-2022-26317 MEDIUM
Mendix Applications <7.23.29 - Info Disclosure
CVSS 6.5
CVE-2022-26313 CRITICAL
Mendix Forgot Password Appstore module - Privilege Escalation
CVSS 9.8
CVE-2022-24309 MEDIUM
Mendix Runtime <7.23.29,8.18.16,9.13 - Info Disclosure
CVSS 6.8
CVE-2022-0824 HIGH
webmin < 1.990 - Improper Access Control to Remote Code Execution
CVSS 8.8
CVE-2022-21706 HIGH
Zulip Server 2.0.0-4.10.0 - Insufficient Access Control via Multi-Use Invitations
CVSS 7.2
CVE-2022-0732 HIGH
1byte copy9 - Unauthenticated Insecure Direct Object Reference
CVSS 7.5
CVE-2022-0731 MEDIUM
Dolibarr < 16.0 - Improper Access Control
CVSS 6.5
CVE-2022-0727 MEDIUM
GitHub chocobozzz/peertube <4.1.0 - Info Disclosure
CVSS 5.4
CVE-2022-23981 MEDIUM
WordPress Perfect Brands <2.0.4 - Info Disclosure
CVSS 4.3
CVE-2022-24924 LOW
Samsung LiveWallpaperService < 3.0.9.0 - Improper Access Control
CVSS 2.2
CVE-2022-24923 MEDIUM
Samsung SearchWidget < 2.3.00.6 - Improper Access Control
CVSS 4.0
CVE-2022-23997 MEDIUM
Wear OS 3.0 <Feb-2022 - Privilege Escalation
CVSS 4.0
CVE-2022-23996 MEDIUM
Wear OS 3.0 <Feb-2022 - Privilege Escalation
CVSS 4.0
CVE-2022-23995 MEDIUM
Wear OS 3.0 <Feb-2022 - Privilege Escalation
CVSS 4.0
CVE-2022-23994 LOW
Samsung Wear OS < 3.0 - Improper Access Control in StBedtimeModeReceiver
CVSS 3.3
CVE-2022-23433 MEDIUM
Samsung Reminder < 12.3.01.3000 - Improper Access Control
CVSS 4.3
CVE-2022-21825 HIGH
Citrix Workspace App for Linux 2012-2111 - Local Privilege Escalation via App Protection
CVSS 7.8
CVE-2022-21816 MEDIUM
NVIDIA vGPU < 2022 and Virtual GPU 8.0-8.10 - Denial of Service via GPU Interrupt Storm
CVSS 5.5
Details
Vulnerabilities 5,311