CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

5,345 vulnerabilities with CWE-284
CVE-2016-5532 MEDIUM
Oracle Shipping Execution 12.1.1-12.1.3, 12.2.3-12.2.6 - Improper Access Control
CVSS 5.3
CVE-2016-5527 MEDIUM
Oracle Agile PLM 9.3.4-9.3.5 - Improper Access Control
CVSS 5.9
CVE-2016-5526 HIGH
Oracle Agile PLM 9.3.4-9.3.5 - Improper Access Control
CVSS 7.3
CVE-2016-5525 LOW
Oracle Solaris Cluster 3.3 and 4.3 - Integrity Impact via Cluster Check Files
CVSS 3.3
CVE-2016-5521 MEDIUM
Oracle Agile PLM 9.3.4-9.3.5 - Improper Access Control
CVSS 6.5
CVE-2016-5517 MEDIUM
Oracle Applications DBA - Improper Access Control
CVSS 5.5
CVE-2016-5506 LOW
Oracle Identity Manager - Improper Access Control
CVSS 3.1
CVE-2016-5502 MEDIUM
Oracle FLEXCUBE Universal Banking 11.3.0, 11.4.0, 12.0.1-12.0.3 - Authenticated Improper Access Control
CVSS 5.4
CVE-2016-5497 MEDIUM
Oracle Database Server 12.1.0.2 - Improper Access Control in RDBMS Security Component
CVSS 6.4
CVE-2016-5495 HIGH
Oracle Discoverer 11.1.1.7.0 - Exposure of Sensitive Information via EUL Code & Schema
CVSS 7.5
CVE-2016-5493 MEDIUM
Oracle FLEXCUBE Private Banking 12.0.1-12.0.3 - Authenticated Improper Access Control
CVSS 4.2
CVE-2016-5492 HIGH
Sun ZFS Storage Appliance Kit AK 2013 - Improper Access Control via SMB Users
CVSS 7.1
CVE-2016-5491 HIGH
Oracle Commerce Service Center 10.0.3.5 and 10.2.0.5 - Improper Access Control
CVSS 8.2
CVE-2016-5482 HIGH
Oracle Commerce Guided Search 6.2.2, 6.3.0, 6.4.1.2, 6.5.0-6.5.2 - Improper Access Control
CVSS 8.2
CVE-2016-1000032 HIGH
TGCaptcha2 <0.3.0 - Info Disclosure
CVSS 7.5
CVE-2016-1000031 CRITICAL
Apache Commons FileUpload <1.3.3 - RCE
CVSS 9.8
CVE-2016-0241 HIGH
IBM Security Guardium Database Activity Monitor <10.1 - Privilege E...
CVSS 8.8
CVE-2016-3392 MEDIUM
Microsoft Edge - Content Security Policy Bypass via Document Validation Flaw
CVSS 5.3
CVE-2016-0142 HIGH
Microsoft Windows RCE via Video Control
CVSS 7.8
CVE-2016-6958 CRITICAL
Adobe Acrobat/Reader <11.0.17, DC <15.006.30201/15.017.20053 - Access Control Bypass
CVSS 9.8
CVE-2016-4286 HIGH
Adobe Flash Player <19-23 - Auth Bypass
CVSS 8.8
CVE-2016-4407 MEDIUM
SAP SAPCRYPTOLIB <5.555.38 - Privilege Escalation
CVSS 6.5
CVE-2016-3635 HIGH
SAP NetWeaver 7.4 - Authenticated Unified Connectivity Access Control Bypass via Communication Assembly RFM
CVSS 7.5
CVE-2016-8565 CRITICAL
Siemens Automation License Manager < 5.3 SP3 - Unauthenticated Arbitrary File Write and Directory Manipulation
CVSS 9.1
CVE-2016-6690 MEDIUM
Android < 7.0 - Denial of Service via Sound Driver
CVSS 5.5
Details
Vulnerabilities 5,345