CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

5,344 vulnerabilities with CWE-284
CVE-2016-6703 HIGH
Android < 6.0.1 - Remote Code Execution in Runtime Library
CVSS 7.8
CVE-2016-6702 HIGH
Android < 4.4.4, 5.0.x < 5.0.2, 5.1.x < 5.1.1 - Remote Code Execution in libjpeg
CVSS 7.8
CVE-2016-6701 HIGH
Android < 7.0 - Remote Code Execution in libskia via Crafted Media File
CVSS 7.8
CVE-2016-9155 CRITICAL
SIEMENS IP Camera <v1.41_SP18_S1 - Info Disclosure
CVSS 9.8
CVE-2016-7165 MEDIUM
Siemens Primary Setup Tool < V4.2 HF1 - Unquoted Service Path Privilege Escalation
CVSS 6.4
CVE-2016-7248 HIGH
Microsoft Windows RCE via Microsoft Video Control
CVSS 7.8
CVE-2016-7247 HIGH
Microsoft Windows - Secure Boot Protection Bypass via Crafted Boot Policy
CVSS 7.5
CVE-2016-7244 MEDIUM
Microsoft Office 2007 SP3 - Denial of Service via Crafted Office Document
CVSS 5.5
CVE-2016-7237 MEDIUM
Microsoft Windows - Authenticated Denial of Service via LSASS Crafted Request
CVSS 6.5
CVE-2016-7226 MEDIUM
Windows 10 and Windows Server 2016 - Privilege Escalation via VHD Driver
CVSS 6.1
CVE-2016-7225 MEDIUM
Windows 10 and Windows Server 2016 - Privilege Escalation via VHD Driver
CVSS 6.1
CVE-2016-7224 MEDIUM
Windows VHD Driver - Unauthenticated Privilege Escalation via File Access
CVSS 6.1
CVE-2016-7223 MEDIUM
Microsoft Windows VHD Driver - Improper Access Control
CVSS 6.1
CVE-2016-7212 HIGH
Windows Multiple Versions - Remote Code Execution via Crafted Image File
CVSS 7.8
CVE-2016-9111 MEDIUM
Citrix Receiver Desktop Lock 4.5 - Auth Bypass
CVSS 6.8
CVE-2016-9190 HIGH
Pillow < 3.3.2 - Remote Code Execution via Crafted Image File
CVSS 7.8
CVE-2016-9182 HIGH
Exponent CMS 2.4 - Improper Access Control via Case Insensitive Method Name Bypass
CVSS 7.5
CVE-2016-3060 MEDIUM
IBM Financial Transaction Manager 3.0.0.x-3.0.1.0 - Authenticated Clickjacking
CVSS 5.7
CVE-2016-8580 CRITICAL
AlienVault OSSIM & USM <5.3.2 - Code Injection
CVSS 9.8
CVE-2016-8296 HIGH
Oracle PeopleSoft <8.55 - Info Disclosure
CVSS 7.6
CVE-2016-8293 HIGH
Oracle PeopleSoft Products <8.56 - Info Disclosure
CVSS 8.2
CVE-2016-8292 MEDIUM
Oracle PeopleSoft Products 9.2 - Info Disclosure
CVSS 4.2
CVE-2016-8291 HIGH
Oracle PeopleSoft <8.55 - Info Disclosure
CVSS 8.2
CVE-2016-8288 LOW
Oracle MySQL <5.6.30, <5.7.12 - Info Disclosure
CVSS 3.1
CVE-2016-8285 MEDIUM
Oracle PeopleSoft Products 9.2 - Info Disclosure
CVSS 4.8
Details
Vulnerabilities 5,344