CWE-284
Improper Access Control
The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
5,331 vulnerabilities with CWE-284
CVE-2016-7048
HIGH
PostgreSQL < 9.1.24 - Remote Code Execution via Interactive Installer HTTP Download
CVSS 8.1
CVE-2016-6543
MEDIUM
iTrack Easy - Unauthenticated GPS Data Exposure via MAC/Device ID Registration
CVSS 5.9
CVE-2016-9905
HIGH
Redhat Enterprise Linux Desktop < 45.6.0 - Improper Access Control
CVSS 8.8
CVE-2016-10549
MEDIUM
Sails < 0.12.7 - Improper Access Control via CORS Misconfiguration
CVSS 4.4
CVE-2016-8656
HIGH
Jboss <5.2.0-23, 6.4.13, 7.0.5 - Privilege Escalation
CVSS 7.0
CVE-2016-9599
HIGH
puppet-tripleo - Improper Access Control via IPtables Rules with Empty Port Values
CVSS 7.1
CVE-2016-10472
CRITICAL
Qualcomm Snapdragon Mobile/Wear Firmware - Improper Access Control via TZ_INFO_GET_SECURE_STATE_LEGACY_ID
CVSS 9.8
CVE-2016-10462
CRITICAL
Qualcomm Snapdragon Mobile and Automobile Firmware - Improper Access Control in HLOS Resource Policy
CVSS 9.8
CVE-2016-10444
CRITICAL
Qualcomm MDM9206, SD 210/212/205, SD 425/430/450/625, SD 820/820A/835 Firmware - Improper Access Control in SMMU Policy
CVSS 9.8
CVE-2016-10442
CRITICAL
Qualcomm MDM9640 SDM630 MSM8976 MSM8937 SDM845 MSM8952 Firmware - Improper Access Control
CVSS 9.8
CVE-2016-10440
CRITICAL
Qualcomm Snapdragon Mobile SD 425, SD 430, SD 450, SD 625, SD 650/52 - Improper Access Control to Bus
CVSS 9.8
CVE-2016-10422
CRITICAL
Qualcomm MDM9206 and Multiple Snapdragon Firmware - Improper Access Control in System Call
CVSS 9.8
CVE-2016-10418
HIGH
Qualcomm Mdm9206 Firmware - Improper Access Control
CVSS 7.5
CVE-2016-10417
HIGH
Qualcomm MDM9206 and Snapdragon Firmware - TOCTOU via Improper Access Control in QTEE
CVSS 8.1
CVE-2016-9645
MEDIUM
ikiwiki < 2.8 - Editing Restriction Bypass via Git Revert
CVSS 6.5
CVE-2016-8365
MEDIUM
OSIsoft PI System - Denial of Service via Incomplete Endpoint Feature Model
CVSS 5.5
CVE-2016-8629
MEDIUM
Red Hat Keycloak <2.4.0 - Privilege Escalation
CVSS 6.5
CVE-2016-8529
HIGH
HP LeftHand OS < 12.5 - Remote Command Execution
CVSS 7.6
CVE-2016-0342
MEDIUM
IBM TRIRIGA Application Platform <3.3.2.6, <3.4.2.3, <3.5.0.1 - Pri...
CVSS 5.4
CVE-2016-6598
CRITICAL
BMC Track-It! <11.4 - Code Injection
CVSS 9.8
CVE-2016-9722
MEDIUM
IBM QRadar 7.2-7.3 - Improper Access Control
CVSS 4.2
CVE-2016-5714
HIGH
Puppet Enterprise <2016.4.0 - Auth Bypass
CVSS 7.2
CVE-2016-10514
MEDIUM
Piwigo < 2.8.2 - Improper Access Control via URL Format Bypass
CVSS 6.5
CVE-2016-8752
HIGH
Apache Atlas <0.8 - Info Disclosure
CVSS 7.5
CVE-2016-10382
CRITICAL
Qualcomm Android - Improper Access Control in I2C Bus
CVSS 9.8
Details
Vulnerabilities
5,331