CWE-284
Improper Access Control
The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
5,332 vulnerabilities with CWE-284
CVE-2016-5054
HIGH
OSRAM SYLVANIA Osram Lightify Home through 2016-07-26 - Unauthenticated Zigbee Replay Attack
CVSS 7.5
CVE-2016-8798
HIGH
Huawei USG5500 V300R001C00 - Denial of Service via Anti-DDoS Module Bypass
CVSS 7.5
CVE-2016-8794
HIGH
Huawei Mate 8 <NXT-AL10C00B386 - Path Traversal
CVSS 7.1
CVE-2016-8793
MEDIUM
Huawei Mate 8 <NXT-AL10C00B386 - Path Traversal
CVSS 6.7
CVE-2016-8792
HIGH
Huawei Mate 8 <NXT-AL10C00B386 - Path Traversal
CVSS 7.1
CVE-2016-8791
HIGH
Huawei Mate 8 <NXT-AL10C00B386 - Path Traversal
CVSS 7.1
CVE-2016-8274
HIGH
Huawei PC client software <4.0.5.300_OVE - Code Injection
CVSS 7.8
CVE-2016-8273
HIGH
Huawei PC client software HiSuite 4.0.5.300_OVE - Info Disclosure
CVSS 7.8
CVE-2016-8032
HIGH
Intel Security AVE <5800 - Auth Bypass
CVSS 7.3
CVE-2016-6807
CRITICAL
Apache Ambari 2.4.0-2.4.1 - Unauthenticated Remote Code Execution via Custom Commands
CVSS 9.8
CVE-2016-9468
MEDIUM
Nextcloud Server <9.0.54, 10.0.1 & ownCloud Server <9.0.6, 9.1.2 - Content Spoofing via DAV
CVSS 5.3
CVE-2016-9467
MEDIUM
Nextcloud Server < 9.0.54 and 10.0.1 & ownCloud Server < 9.0.6 and 9.1.2 - Content Spoofing in Files App Location Bar
CVSS 5.3
CVE-2016-9462
MEDIUM
Nextcloud Server < 9.0.52 & ownCloud Server < 9.0.4 - Unauthenticated File Restore Privilege Bypass
CVSS 4.3
CVE-2016-9461
MEDIUM
Nextcloud Server < 9.0.52 & ownCloud Server < 9.0.4 - Authenticated Arbitrary File Write via WebDAV COPY
CVSS 4.3
CVE-2016-9460
MEDIUM
Nextcloud Server < 9.0.52 and ownCloud Server < 9.0.4 - Content Spoofing in Files App Location Bar
CVSS 5.3
CVE-2016-9122
HIGH
go-jose < 1.0.4 - Improper Access Control via Multiple Signature Handling
CVSS 7.5
CVE-2016-10144
CRITICAL
ImageMagick < 6.9.7-1 - Denial of Service via Missing Malloc Check in coders/ipl.c
CVSS 9.8
CVE-2016-10130
MEDIUM
libgit2 <0.24.6, <0.25.1 - Info Disclosure
CVSS 5.9
CVE-2016-7468
MEDIUM
F5 BIG-IP 11.4.1-11.5.4 - Unauthenticated Denial of Service via Malicious Network Traffic
CVSS 5.9
CVE-2016-5750
HIGH
NetIQ Access Manager <4.1.2-4.2.2 - RCE
CVSS 8.8
CVE-2016-5747
HIGH
Novell eDirectory <9.0.1 - Auth Bypass
CVSS 7.5
CVE-2016-5239
CRITICAL
ImageMagick < 6.9.3-9 - Remote Code Execution via Gnuplot Delegate
CVSS 9.8
CVE-2016-8010
HIGH
Intel Security McAfee MAC <7.0-ENS <10.2 - Auth Bypass
CVSS 7.8
CVE-2016-8007
MEDIUM
McAfee Host Intrusion Prevention Services < 8.0 Patch 7 - Authenticated Registry Key Manipulation
CVSS 6.3
CVE-2016-9368
HIGH
Eaton xComfort ECI <1.07 - Info Disclosure
CVSS 7.5
Details
Vulnerabilities
5,332