CWE-284
Improper Access Control
The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
5,319 vulnerabilities with CWE-284
CVE-2021-21965
CRITICAL
Sealevel SeaConnect 370W Firmware 1.3.34 - Denial of Service via SeaMax Remote Configuration
CVSS 9.3
CVE-2021-21964
HIGH
Sealevel SeaConnect 370W Firmware 1.3.34 - Denial of Service via Modbus Configuration
CVSS 7.4
CVE-2021-40416
HIGH
Reolink RLC-410W <3.0.0.136_20121102 - Info Disclosure
CVSS 8.8
CVE-2021-40415
MEDIUM
reolink RLC-410W v3.0.0.136_20121102 - Info Disclosure
CVSS 6.5
CVE-2021-40414
HIGH
reolink RLC-410W v3.0.0.136_20121102 - Info Disclosure
CVSS 7.1
CVE-2021-40413
HIGH
reolink RLC-410W v3.0.0.136_20121102 - Info Disclosure
CVSS 7.1
CVE-2021-40404
MEDIUM
Reolink RLC-410W <3.0.0.136_20121102 - Auth Bypass
CVSS 6.5
CVE-2021-23233
HIGH
Fresenius Kabi Agilia Link+ <3.0 - Info Disclosure
CVSS 7.3
CVE-2021-4016
MEDIUM
Rapid7 Insight Agent <3.1.3 - Info Disclosure
CVSS 4.0
CVE-2021-34402
MEDIUM
NVIDIA Shield Experience < 9.0 - Memory Corruption in NVDEC
CVSS 6.7
CVE-2021-34401
HIGH
NVIDIA Shield Experience < 9.0 - Improper Access Control in nvmap NVGPU_IOCTL_CHANNEL_SET_ERROR_NOTIFIER
CVSS 7.8
CVE-2021-37864
LOW
Mattermost < 6.1 - Authenticated Improper Access Control via Archived Channel API
CVSS 2.6
CVE-2021-28507
MEDIUM
Arista EOS 4.23.0-4.23.9m - Improper Access Control via OpenConfig gNOI and RESTCONF Service ACL Bypass
CVSS 5.5
CVE-2021-45034
HIGH
Siemens CP-8000 and CP-8021/8022 Master Modules < V16.20 - Unauthenticated Sensitive Data Exposure via Web Server
CVSS 7.5
CVE-2021-23173
LOW
Philips Engage < 6.2.2 - Authenticated Improper Access Control
CVSS 2.6
CVE-2021-4194
MEDIUM
BookStack < 21.12.1 - Improper Access Control
CVSS 6.5
CVE-2021-22567
MEDIUM
Dart Software Development Kit < 2.15.0 - Improper Access Control via Bidirectional Unicode Text
CVSS 4.6
CVE-2021-25991
MEDIUM
ifme 5.0.0-7.32 - Improper Access Control via Admin Self-Ban
CVSS 5.7
CVE-2021-20050
HIGH
SonicWall SMA 100/200/210/400/410/500v Firmware < 10.0.0.0 - Unauthenticated Improper Access Control
CVSS 7.5
CVE-2021-42808
MEDIUM
Thales Sentinel Protection Installer < 7.7.1 - Privilege Escalation via Improper Access Control
CVSS 6.5
CVE-2021-4119
CRITICAL
BookStack < 21.11.2 and ssddanbrown/BookStack < 21.11.3 - Improper Access Control
CVSS 9.8
CVE-2021-36888
CRITICAL
Image Hover Effects Ultimate <= 9.6.1 - Unauthenticated Arbitrary Options Update
CVSS 9.8
CVE-2021-24859
MEDIUM
WordPress Plugin <0.5 - Info Disclosure
CVSS 4.3
CVE-2021-24845
MEDIUM
Improved Include Page WP <1.2 - Info Disclosure
CVSS 6.5
CVE-2021-4089
MEDIUM
snipe-it < 5.3.3 and 5.3.4 - Improper Access Control
CVSS 4.3
Details
Vulnerabilities
5,319