CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

5,345 vulnerabilities with CWE-284
CVE-2015-9140 HIGH
Qualcomm Snapdragon Mobile/Wear/Small Cell SoC - Unauthorized Memory Access via Online Memory Dump
CVSS 7.5
CVE-2015-0150 CRITICAL
D-Link DIR-815 Firmware < 2.07.b01 - Improper Access Control
CVSS 9.8
CVE-2015-5350 HIGH
Garden <0.22.0-0.329.0 - Info Disclosure
CVSS 7.5
CVE-2015-3888 HIGH
Jolla Sailfish OS <1.1.2.16 - Info Disclosure
CVSS 7.5
CVE-2015-8008 HIGH
MediaWiki < 1.25.3 - OAuth IP Address Access Restriction Bypass via API Request
CVSS 7.5
CVE-2015-3302 HIGH
TheCartPress <1.3.9.3 - Info Disclosure
CVSS 7.5
CVE-2015-9245 CRITICAL
Progress OpenEdge 10.2x and 11.x - Unauthenticated Remote Code Execution via Java RMI Class Loader
CVSS 9.8
CVE-2015-1336 HIGH
Man-db <2.7.6.1-1 - Privilege Escalation
CVSS 7.8
CVE-2015-7315 MEDIUM
Plone 3.3.0-4.3.6 and 5.0rc1 - Unauthenticated User Registration Bypass
CVSS 5.9
CVE-2015-1854 HIGH
389 Directory Server < 1.3.3.10 - Improper Access Control via LDAP ModRDN Call
CVSS 7.5
CVE-2015-0110 MEDIUM
IBM Business Process Manager 7.5.x-8.5.x - Authenticated Access Control Bypass via executeServiceByName URL
CVSS 6.5
CVE-2015-3163 MEDIUM
Beaker < 20.1 - Authenticated Improper Access Control in Power and Key Types Admin Pages
CVSS 4.3
CVE-2015-4649 HIGH
Aruba Networks ClearPass Policy Manager < 6.4.7 and 6.5.x < 6.5.2 - Authenticated Privilege Escalation
CVSS 7.2
CVE-2015-3657 HIGH
Aruba Networks ClearPass Policy Manager <6.4.7, <6.5.2 - Privilege ...
CVSS 7.2
CVE-2015-3654 HIGH
Aruba Networks ClearPass Policy Manager <6.4.7 & <6.5.2 - Privilege...
CVSS 7.2
CVE-2015-3653 HIGH
Aruba Networks ClearPass Policy Manager <6.4.7, <6.5.2 - Privilege ...
CVSS 7.2
CVE-2015-5293 MEDIUM
Red Hat Enterprise Virtualization Manager <3.6 - Info Disclosure
CVSS 5.9
CVE-2015-9064 CRITICAL
Google Android - Improper Access Control
CVSS 9.8
CVE-2015-9047 CRITICAL
Google Android - Improper Access Control
CVSS 9.8
CVE-2015-9040 CRITICAL
Google Android - Improper Access Control
CVSS 9.8
CVE-2015-2687 MEDIUM
OpenStack Compute - Improper Access Control via Failed Live Migration
CVSS 4.7
CVE-2015-7887 HIGH
NetApp SnapCenter Server 1.0 - Info Disclosure
CVSS 8.1
CVE-2015-8697 MEDIUM
stalin 0.11-5 - Arbitrary File Write
CVSS 5.5
CVE-2015-7898 MEDIUM
Samsung Galaxy S6 - Denial of Service in Samsung Gallery GIF Parser
CVSS 5.5
CVE-2015-7895 MEDIUM
Samsung Gallery on Samsung Galaxy S6 - Denial of Service via Bitmap Decoding
CVSS 5.5
Details
Vulnerabilities 5,345