CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

5,346 vulnerabilities with CWE-284
CVE-2014-3624 CRITICAL
Apache Traffic Server 5.1.x - Improper Access Control via CONNECT Request Tunneling
CVSS 9.8
CVE-2014-2277 HIGH
perltidy <20120701-1 - Info Disclosure
CVSS 7.1
CVE-2014-9489 HIGH
gollum <3.1.1 and gollum-lib <4.0.1 - Authenticated RCE
CVSS 8.8
CVE-2014-9148 CRITICAL
fiyo_cms < 2.0.1.8 - Improper Access Control via Direct Request to fiyo/dapur
CVSS 9.8
CVE-2014-8677 MEDIUM
soplanning < 1.32 - Authenticated Remote Code Execution via Crafted Database Name
CVSS 5.3
CVE-2014-9513 CRITICAL
xbindkeys-config 0.1.3-2 - Remote Code Execution via Insecure Temporary File Handling
CVSS 9.8
CVE-2014-8168 MEDIUM
Red Hat Satellite 6 - Unauthenticated Improper Access Control to mongod
CVSS 6.1
CVE-2014-9831 HIGH
ImageMagick < 6.9.4-0 - Improper Access Control via Corrupted WPG File
CVSS 8.8
CVE-2014-9830 HIGH
ImageMagick < 6.9.4-0 - Unspecified Impact via Corrupted SUN File
CVSS 8.8
CVE-2014-9828 HIGH
ImageMagick < 6.9.4-0 - Unspecified Impact via Crafted PSD File
CVSS 8.8
CVE-2014-9827 HIGH
ImageMagick < 6.9.4-0 - Unspecified Impact via Crafted XPM File
CVSS 8.8
CVE-2014-9961 HIGH
Android - Improper Access Control via eMMC Write Protection Bypass
CVSS 7.8
CVE-2014-3930 HIGH
Cistron-LG 1.01 - Info Disclosure
CVSS 7.5
CVE-2014-3929 HIGH
Cougar-LG - Info Disclosure
CVSS 7.5
CVE-2014-3928 CRITICAL
Cougar-LG - Info Disclosure
CVSS 9.8
CVE-2014-4707 HIGH
Huawei Campus S7700-S9700 - Privilege Escalation
CVSS 8.8
CVE-2014-9920 MEDIUM
McAfee Application Control 6.0.0-6.1.3 - Unauthorized Binary Execution via Whitelist Bypass
CVSS 5.9
CVE-2014-8362 CRITICAL
Vivint Sky Control Panel 1.1.1.9926 - Unauthenticated Improper Access Control
CVSS 9.8
CVE-2014-9865 HIGH
Android <2016-08-05 - Privilege Escalation
CVSS 7.8
CVE-2014-9901 HIGH
Android < 6.0.1 - Denial of Service via Crafted Wi-Fi Frames
CVSS 7.5
CVE-2014-9798 MEDIUM
Android < 6.0.1 - Denial of Service via Qualcomm Bootloader Tag Address Mismatch
CVSS 5.5
CVE-2014-9773 HIGH
Atheme <7.2.7 - Command Injection
CVSS 7.5
CVE-2014-8177 MEDIUM
Red Hat Gluster Storage Management Console - Authenticated Improper Access Control via Multiple Crafted Requests
CVSS 6.5
CVE-2014-9717 MEDIUM
Linux kernel <4.0.2 - Privilege Escalation
CVSS 6.1
CVE-2014-8912
IBM WebSphere Portal - Info Disclosure
Details
Vulnerabilities 5,346