CWE-284
Improper Access Control
The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
5,332 vulnerabilities with CWE-284
CVE-2016-2930
HIGH
IBM BigFix Remote Control 9.1.3 - Unauthenticated Privilege Escalation
CVSS 7.5
CVE-2016-8588
HIGH
Trend Micro Threat Discovery Appliance <2.6.1062r1 - Authenticated RCE
CVSS 7.3
CVE-2016-8587
HIGH
Trend Micro Threat Discovery Appliance <2.6.1062r1 - Authenticated RCE
CVSS 7.3
CVE-2016-8584
CRITICAL
Trend Micro Threat Discovery Appliance <2.6.1062r1 - Auth Bypass
CVSS 9.8
CVE-2016-5551
LOW
Oracle Solaris Cluster 4.3 - Unauthenticated Improper Access Control in NAS Device Addition
CVSS 2.8
CVE-2016-2433
HIGH
Android < 6.0.1 - Remote Code Execution in Broadcom Wi-Fi Driver
CVSS 8.8
CVE-2016-1518
HIGH
Grandstream Wave app <1.0.1.26 - SSRF
CVSS 8.1
CVE-2016-3733
MEDIUM
Moodle <3.0.3-<2.8.11 - Privilege Escalation
CVSS 4.3
CVE-2016-3729
MEDIUM
Moodle <3.0.3, <2.9.5, <2.8.11, <2.7.13 - Privilege Escalation
CVSS 6.5
CVE-2016-4850
HIGH
LINE for Windows < 4.8.2.1125 - Remote Code Execution
CVSS 8.1
CVE-2016-1220
MEDIUM
Cybozu Garoon <4.2.2 - Info Disclosure
CVSS 4.3
CVE-2016-6338
MEDIUM
ovirt-engine-webadmin - Privilege Escalation
CVSS 6.8
CVE-2016-6337
HIGH
MediaWiki 1.27.x - Improper Access Control via UserGetRights Function
CVSS 7.5
CVE-2016-6336
MEDIUM
MediaWiki <1.23.15, <1.26.x-1.26.4, <1.27.x-1.27.1 - Auth Bypass
CVSS 6.5
CVE-2016-6331
HIGH
MediaWiki <1.23.15, <1.26.4, <1.27.1 - Auth Bypass
CVSS 7.5
CVE-2016-4874
LOW
Cybozu Office 9.0.0-10.4.0 - Reflected File Download via Improper Access Control
CVSS 3.5
CVE-2016-7032
HIGH
Sudo < 1.8.15 - Unauthenticated Command Execution Bypass via system or popen Functions
CVSS 7.0
CVE-2016-4032
MEDIUM
Samsung Galaxy S6, Note 3, S4 mini, S4 mini LTE, S4 - Improper Access Control via AT Command Injection
CVSS 4.6
CVE-2016-4031
MEDIUM
Samsung Devices - Command Injection
CVSS 6.8
CVE-2016-4030
MEDIUM
Samsung Galaxy S6, Note 3, S4 mini, S4 mini LTE, S4 - Unauthenticated Modem Access via USB Configuration
CVSS 6.8
CVE-2016-6143
CRITICAL
SAP HANA DB <1.00.73.00.389160 - RCE
CVSS 9.8
CVE-2016-4800
CRITICAL
Eclipse Jetty 9.3.0-9.3.8 - Improper Access Control via Path Normalization Bypass
CVSS 9.8
CVE-2016-1178
MEDIUM
a-blog cms <2.6.0.1 - Info Disclosure
CVSS 6.5
CVE-2016-6605
HIGH
Cloudera CDH 5.2.0-5.7.2 and 5.8.0 - Improper Access Control in Impala
CVSS 7.5
CVE-2016-5058
HIGH
OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26 - Zigbee Replay Attack
CVSS 7.5
Details
Vulnerabilities
5,332