CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

5,331 vulnerabilities with CWE-284
CVE-2016-7048 HIGH
PostgreSQL < 9.1.24 - Remote Code Execution via Interactive Installer HTTP Download
CVSS 8.1
CVE-2016-6543 MEDIUM
iTrack Easy - Unauthenticated GPS Data Exposure via MAC/Device ID Registration
CVSS 5.9
CVE-2016-9905 HIGH
Redhat Enterprise Linux Desktop < 45.6.0 - Improper Access Control
CVSS 8.8
CVE-2016-10549 MEDIUM
Sails < 0.12.7 - Improper Access Control via CORS Misconfiguration
CVSS 4.4
CVE-2016-8656 HIGH
Jboss <5.2.0-23, 6.4.13, 7.0.5 - Privilege Escalation
CVSS 7.0
CVE-2016-9599 HIGH
puppet-tripleo - Improper Access Control via IPtables Rules with Empty Port Values
CVSS 7.1
CVE-2016-10472 CRITICAL
Qualcomm Snapdragon Mobile/Wear Firmware - Improper Access Control via TZ_INFO_GET_SECURE_STATE_LEGACY_ID
CVSS 9.8
CVE-2016-10462 CRITICAL
Qualcomm Snapdragon Mobile and Automobile Firmware - Improper Access Control in HLOS Resource Policy
CVSS 9.8
CVE-2016-10444 CRITICAL
Qualcomm MDM9206, SD 210/212/205, SD 425/430/450/625, SD 820/820A/835 Firmware - Improper Access Control in SMMU Policy
CVSS 9.8
CVE-2016-10442 CRITICAL
Qualcomm MDM9640 SDM630 MSM8976 MSM8937 SDM845 MSM8952 Firmware - Improper Access Control
CVSS 9.8
CVE-2016-10440 CRITICAL
Qualcomm Snapdragon Mobile SD 425, SD 430, SD 450, SD 625, SD 650/52 - Improper Access Control to Bus
CVSS 9.8
CVE-2016-10422 CRITICAL
Qualcomm MDM9206 and Multiple Snapdragon Firmware - Improper Access Control in System Call
CVSS 9.8
CVE-2016-10418 HIGH
Qualcomm Mdm9206 Firmware - Improper Access Control
CVSS 7.5
CVE-2016-10417 HIGH
Qualcomm MDM9206 and Snapdragon Firmware - TOCTOU via Improper Access Control in QTEE
CVSS 8.1
CVE-2016-9645 MEDIUM
ikiwiki < 2.8 - Editing Restriction Bypass via Git Revert
CVSS 6.5
CVE-2016-8365 MEDIUM
OSIsoft PI System - Denial of Service via Incomplete Endpoint Feature Model
CVSS 5.5
CVE-2016-8629 MEDIUM
Red Hat Keycloak <2.4.0 - Privilege Escalation
CVSS 6.5
CVE-2016-8529 HIGH
HP LeftHand OS < 12.5 - Remote Command Execution
CVSS 7.6
CVE-2016-0342 MEDIUM
IBM TRIRIGA Application Platform <3.3.2.6, <3.4.2.3, <3.5.0.1 - Pri...
CVSS 5.4
CVE-2016-6598 CRITICAL
BMC Track-It! <11.4 - Code Injection
CVSS 9.8
CVE-2016-9722 MEDIUM
IBM QRadar 7.2-7.3 - Improper Access Control
CVSS 4.2
CVE-2016-5714 HIGH
Puppet Enterprise <2016.4.0 - Auth Bypass
CVSS 7.2
CVE-2016-10514 MEDIUM
Piwigo < 2.8.2 - Improper Access Control via URL Format Bypass
CVSS 6.5
CVE-2016-8752 HIGH
Apache Atlas <0.8 - Info Disclosure
CVSS 7.5
CVE-2016-10382 CRITICAL
Qualcomm Android - Improper Access Control in I2C Bus
CVSS 9.8
Details
Vulnerabilities 5,331