CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

5,345 vulnerabilities with CWE-284
CVE-2016-3366 MEDIUM
Microsoft Outlook 2007 SP3, 2010 SP2, 2013 SP1, 2013 RT SP1, 2016, and 2016 for Mac - Spoofing via MIME Data
CVSS 6.5
CVE-2016-3345 HIGH
Windows SMBv1 - Authenticated Remote Code Execution via Crafted Packets
CVSS 8.8
CVE-2016-5954 MEDIUM
IBM WebSphere Portal <8.5.0 - DoS
CVSS 6.5
CVE-2016-3899 MEDIUM
Android <4.4.4, <5.0.2, <5.1.1, <2016-09-01 - DoS
CVSS 5.5
CVE-2016-3898 MEDIUM
Android <5.0.2, <5.1.1, <2016-09-01 - DoS
CVSS 5.5
CVE-2016-3884 MEDIUM
Android <6.0.1 & <7.0 - Privilege Escalation
CVSS 5.5
CVE-2016-3883 MEDIUM
Android <4.4.4, <5.0.2, <5.1.1, <2016-09-01 - Info Disclosure
CVSS 5.5
CVE-2016-3880 MEDIUM
Android <4.4.4, <5.0.2, <5.1.1, <2016-09-01 - Buffer Overflow
CVSS 5.5
CVE-2016-3879 MEDIUM
Android <4.4.4, <5.0.2, <5.1.1, <2016-09-01 - DoS
CVSS 5.5
CVE-2016-3878 MEDIUM
Android 6.x - Denial of Service via Crafted Media File
CVSS 5.5
CVE-2016-3863 HIGH
Android <4.4.4, <5.0.2, <5.1.1, <2016-09-01 - Buffer Overflow
CVSS 7.8
CVE-2016-6179 HIGH
Huawei Honor 6 Firmware < H60-L01C00B850 - Privilege Escalation and Denial of Service via WiFi Driver
CVSS 7.0
CVE-2016-5404 MEDIUM
FreeIPA - Authenticated Arbitrary Certificate Revocation via cert_revoke Command
CVSS 6.5
CVE-2016-7107 HIGH
Huawei UMA < v200r001c00spc200 - Unauthenticated Password Reset and Data Integrity Impact
CVSS 7.5
CVE-2016-6898 MEDIUM
Huawei E9000 Chassis < V100R001C00 - Authenticated XML External Entity Injection
CVSS 6.6
CVE-2016-6317 HIGH
Ruby on Rails 4.2.x <4.2.7.1 - Info Disclosure
CVSS 7.5
CVE-2016-6184 HIGH
Huawei Honor 4C Firmware - Privilege Escalation or Denial of Service via Camera Driver
CVSS 7.0
CVE-2016-6183 HIGH
Huawei Honor 4C Firmware - Denial of Service and Privilege Escalation via Camera Driver
CVSS 7.0
CVE-2016-6182 HIGH
Huawei Honor 4C Firmware - Privilege Escalation via Camera Driver
CVSS 7.0
CVE-2016-6181 HIGH
Huawei Honor 4C Firmware - Privilege Escalation and Denial of Service via Camera Driver
CVSS 7.0
CVE-2016-6180 HIGH
Huawei Honor 4C Firmware - Denial of Service and Privilege Escalation via Camera Driver
CVSS 7.0
CVE-2016-5022 CRITICAL
F5 BIG-IP and iWorkflow - Denial of Service via Crafted Network Traffic
CVSS 9.8
CVE-2016-5383 HIGH
Red Hat CloudForms 4.1 - Authenticated Remote Code Execution via Web UI Field Injection
CVSS 8.8
CVE-2016-5023 HIGH
F5 BIG-IP DoS via Crafted Network Traffic
CVSS 7.5
CVE-2016-5673 HIGH
UltraVNC Repeater < 1201 - Unauthenticated Open Proxy via IP Address and Port Manipulation
CVSS 7.5
Details
Vulnerabilities 5,345