CWE-284
Improper Access Control
The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
5,332 vulnerabilities with CWE-284
CVE-2016-0214
HIGH
IBM Tivoli Endpoint Manager - File Upload
CVSS 7.8
CVE-2016-8418
CRITICAL
Android < 6.0.1 - Remote Code Execution in Qualcomm Crypto Driver
CVSS 9.8
CVE-2016-9639
CRITICAL
Salt < 2015.8.11 - Improper Access Control via Minion ID Caching
CVSS 9.1
CVE-2016-1894
HIGH
NetApp OnCommand Workflow Automation <3.1P2 - Auth Bypass
CVSS 8.1
CVE-2016-3020
MEDIUM
IBM Security Access Manager 7.0.0-9.0.0 Security Restriction Bypass via Improper Content Validation
CVSS 5.5
CVE-2016-6095
CRITICAL
IBM Tivoli Key Lifecycle Mgr <2.7 - Privilege Escalation
CVSS 9.8
CVE-2016-9008
HIGH
IBM UrbanCode Deploy - Privilege Escalation
CVSS 7.5
CVE-2016-8938
CRITICAL
IBM UrbanCode Deploy - Code Injection
CVSS 10.0
CVE-2016-8932
HIGH
IBM Kenexa LMS on Cloud - Arbitrary File Upload and Remote Code Execution
CVSS 8.8
CVE-2016-8931
HIGH
IBM Kenexa LMS on Cloud - Unauthenticated Arbitrary File Upload and Remote Code Execution
CVSS 8.8
CVE-2016-2942
HIGH
IBM UrbanCode Deploy - Authenticated Remote Code Execution via Crafted Server Script
CVSS 7.5
CVE-2016-0320
MEDIUM
IBM UrbanCode Deploy - Privilege Escalation
CVSS 4.3
CVE-2016-6105
HIGH
IBM Tivoli Key Lifecycle Manager <2.7 - Auth Bypass
CVSS 8.2
CVE-2016-8942
LOW
IBM Tivoli Storage Productivity Center - Privilege Escalation
CVSS 3.1
CVE-2016-6085
MEDIUM
IBM BigFix Platform - Denial of Service via Local Network Attack
CVSS 6.5
CVE-2016-6044
MEDIUM
IBM Tivoli Storage Manager Operations Center - Auth Bypass
CVSS 4.3
CVE-2016-5990
MEDIUM
IBM Security Privileged Identity Manager Virtual Appliance - Code I...
CVSS 6.3
CVE-2016-5964
CRITICAL
IBM Security Privileged Identity Manager Virtual Appliance <2.0.2 -...
CVSS 9.8
CVE-2016-9415
HIGH
MyBB and MyBB Merge System < 1.8.8 - Arbitrary CSS File Overwrite via Style Import
CVSS 7.5
CVE-2016-9413
MEDIUM
MyBB and MyBB Merge System < 1.8.7 - Clickjacking in Admin Control Panel
CVSS 6.5
CVE-2016-9412
CRITICAL
MyBB and MyBB Merge System < 1.8.7 - Improper Access Control via Low Session ID Entropy
CVSS 9.8
CVE-2016-5026
MEDIUM
OnionShare < 0.9.0 - Local Privilege Escalation via /tmp/onionshare Directory Pre-Creation
CVSS 5.5
CVE-2016-8330
LOW
Oracle Sun Systems Products Suite <11.3 - Integrity
CVSS 3.7
CVE-2016-8325
CRITICAL
Oracle E-Business Suite - Internal Operations <12.2.6 - RCE
CVSS 9.1
CVE-2016-8324
MEDIUM
Oracle FLEXCUBE <11.5.0 - Info Disclosure
CVSS 5.3
Details
Vulnerabilities
5,332