CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

5,332 vulnerabilities with CWE-284
CVE-2016-0214 HIGH
IBM Tivoli Endpoint Manager - File Upload
CVSS 7.8
CVE-2016-8418 CRITICAL
Android < 6.0.1 - Remote Code Execution in Qualcomm Crypto Driver
CVSS 9.8
CVE-2016-9639 CRITICAL
Salt < 2015.8.11 - Improper Access Control via Minion ID Caching
CVSS 9.1
CVE-2016-1894 HIGH
NetApp OnCommand Workflow Automation <3.1P2 - Auth Bypass
CVSS 8.1
CVE-2016-3020 MEDIUM
IBM Security Access Manager 7.0.0-9.0.0 Security Restriction Bypass via Improper Content Validation
CVSS 5.5
CVE-2016-6095 CRITICAL
IBM Tivoli Key Lifecycle Mgr <2.7 - Privilege Escalation
CVSS 9.8
CVE-2016-9008 HIGH
IBM UrbanCode Deploy - Privilege Escalation
CVSS 7.5
CVE-2016-8938 CRITICAL
IBM UrbanCode Deploy - Code Injection
CVSS 10.0
CVE-2016-8932 HIGH
IBM Kenexa LMS on Cloud - Arbitrary File Upload and Remote Code Execution
CVSS 8.8
CVE-2016-8931 HIGH
IBM Kenexa LMS on Cloud - Unauthenticated Arbitrary File Upload and Remote Code Execution
CVSS 8.8
CVE-2016-2942 HIGH
IBM UrbanCode Deploy - Authenticated Remote Code Execution via Crafted Server Script
CVSS 7.5
CVE-2016-0320 MEDIUM
IBM UrbanCode Deploy - Privilege Escalation
CVSS 4.3
CVE-2016-6105 HIGH
IBM Tivoli Key Lifecycle Manager <2.7 - Auth Bypass
CVSS 8.2
CVE-2016-8942 LOW
IBM Tivoli Storage Productivity Center - Privilege Escalation
CVSS 3.1
CVE-2016-6085 MEDIUM
IBM BigFix Platform - Denial of Service via Local Network Attack
CVSS 6.5
CVE-2016-6044 MEDIUM
IBM Tivoli Storage Manager Operations Center - Auth Bypass
CVSS 4.3
CVE-2016-5990 MEDIUM
IBM Security Privileged Identity Manager Virtual Appliance - Code I...
CVSS 6.3
CVE-2016-5964 CRITICAL
IBM Security Privileged Identity Manager Virtual Appliance <2.0.2 -...
CVSS 9.8
CVE-2016-9415 HIGH
MyBB and MyBB Merge System < 1.8.8 - Arbitrary CSS File Overwrite via Style Import
CVSS 7.5
CVE-2016-9413 MEDIUM
MyBB and MyBB Merge System < 1.8.7 - Clickjacking in Admin Control Panel
CVSS 6.5
CVE-2016-9412 CRITICAL
MyBB and MyBB Merge System < 1.8.7 - Improper Access Control via Low Session ID Entropy
CVSS 9.8
CVE-2016-5026 MEDIUM
OnionShare < 0.9.0 - Local Privilege Escalation via /tmp/onionshare Directory Pre-Creation
CVSS 5.5
CVE-2016-8330 LOW
Oracle Sun Systems Products Suite <11.3 - Integrity
CVSS 3.7
CVE-2016-8325 CRITICAL
Oracle E-Business Suite - Internal Operations <12.2.6 - RCE
CVSS 9.1
CVE-2016-8324 MEDIUM
Oracle FLEXCUBE <11.5.0 - Info Disclosure
CVSS 5.3
Details
Vulnerabilities 5,332