CWE-284
Improper Access Control
The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
5,311 vulnerabilities with CWE-284
CVE-2022-21813
MEDIUM
NVIDIA GPU Display Driver for Linux - Unprivileged Local Write Access to Protected Memory
CVSS 6.1
CVE-2022-0273
MEDIUM
Pypi calibreweb <0.6.16 - Info Disclosure
CVSS 6.5
CVE-2022-0203
MEDIUM
GitHub crater-invoice/crater <6.0.2 - Info Disclosure
CVSS 5.3
CVE-2022-0270
HIGH
Bored-Agent <0.6.1 - Privilege Escalation
CVSS 8.8
CVE-2022-21305
MEDIUM
Oracle GraalVM and JDK - Unauthenticated Data Manipulation via Hotspot Component
CVSS 5.3
CVE-2022-21291
MEDIUM
Oracle GraalVM 20.3.4 and 21.3.0 - Unauthenticated Data Manipulation via Hotspot Component
CVSS 5.3
CVE-2022-23134
LOW
KEV
Zabbix 5.4.0-5.4.7 - Unauthenticated Improper Access Control in Setup.php
CVSS 3.7
CVE-2022-23132
LOW
Zabbix 4.0.0-4.0.35 - Improper Access Control via SELinux DAC_OVERRIDE Capability
CVSS 3.3
CVE-2022-0170
MEDIUM
Peertube < 4.0.0 - Improper Access Control
CVSS 4.3
CVE-2022-0133
HIGH
Peertube < 2022-01-06 - Improper Access Control
CVSS 7.5
CVE-2021-4477
CRITICAL
Hirschmann HiLCOS OpenBAT BAT450 IPv6 IPsec Firewall Bypass
CVSS 9.1
CVE-2021-32584
MEDIUM
FortiWLC <=8.6.0 Unauthenticated Improper Access Control via Web Management CGI
CVSS 5.3
CVE-2021-22126
MEDIUM
FortiWLC 8.2.6-8.2.7, 8.3.2-8.3.3, <=8.4.8, <=8.5.2 - Authenticated Hard-Coded Password Use
CVSS 6.7
CVE-2021-1410
MEDIUM
Cisco Webex Meetings - Authenticated Distribution List Modification via Insufficient Authorization
CVSS 4.3
CVE-2021-34753
MEDIUM
Cisco Firepower Threat Defense Software < 6.4.0.13 - Unauthenticated Access Control Bypass via ENIP Packet Inspection
CVSS 5.8
CVE-2021-3987
MEDIUM
calibre-web < 0.6.15 - Improper Access Control in Shelf Creation
CVSS 4.3
CVE-2021-47155
CRITICAL
Net::IPV4Addr 0.10 - Info Disclosure
CVSS 9.1
CVE-2021-33162
HIGH
Intel(R) Ethernet < - Privilege Escalation
CVSS 8.4
CVE-2021-46903
MEDIUM
Meinberg LANTIME-Firmware <6.24.029, <7.04.008 - Privilege Escalation
CVSS 6.5
CVE-2021-40699
HIGH
ColdFusion <2021 update 1, <2018.10 - Privilege Escalation
CVSS 7.4
CVE-2021-36036
HIGH
Magento <2.4.2-2.3.7 - Privilege Escalation
CVSS 7.2
CVE-2021-4380
CRITICAL
Pinterest Automatic <1.14.3 - Auth Bypass
CVSS 9.8
CVE-2021-4364
MEDIUM
JobSearch WP Job Board <1.8.1 - Auth Bypass
CVSS 4.3
CVE-2021-4361
HIGH
JobSearch WP Job Board <1.8.1 - Auth Bypass
CVSS 8.8
CVE-2021-4360
CRITICAL
Controlled Admin Access <1.5.5 - Privilege Escalation
CVSS 9.9
Details
Vulnerabilities
5,311