CWE-284
Improper Access Control
The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
5,363 vulnerabilities with CWE-284
CVE-2011-1762
MEDIUM
WordPress < 3.0.6 - Improper Access Control in wp-admin/press-this.php
CVSS 6.5
CVE-2011-4181
HIGH
SUSE Open Build Service <2.1.15, <2.3 - Info Disclosure
CVSS 7.5
CVE-2011-4600
MEDIUM
Canonical Ubuntu Linux - Improper Access Control
CVSS 5.9
CVE-2011-4016
Cisco IOS 12.2, 15.0-15.2 - Denial of Service via Crafted PPP Network Traffic
CVE-2011-3544
CRITICAL
KEV
Java Applet Rhino Script Engine Remote Code Execution
CVSS 9.8
CVE-2010-5305
CRITICAL
Rockwell PLC5/SLC5/0x/RSLogix 1785-Lx and 1747-L5x - Info Disclosure
CVSS 9.8
CVE-2010-2232
HIGH
Apache Derby 10.1.2.1, 10.2.2.0, 10.3.1.4, 10.4.1.3 - Arbitrary File Overwrite via Export Processing
CVSS 7.5
CVE-2009-5151
MEDIUM
Absolute Computrace Agent - Unauthenticated Code Execution via Inter-Partition Space
CVSS 6.7
CVE-2009-5150
MEDIUM
Absolute Computrace Agent V80.845 and V80.866 - Improper Access Control via Configuration Block Modification
CVSS 6.7
CVE-2009-2631
SafeNet SecureWire Access Gateway - Cross-Site Scripting via Domain Rewrite
CVE-2009-2092
IBM WebSphere Application Server (WAS) <7.0.0.5 - Auth Bypass
CVE-2008-2947
Microsoft Internet Explorer 5.01 SP4, 6, and 7 - Cross-Domain Information Disclosure via JavaScript Location Property
CVE-2001-0781
SpoonFTP 1.0.0.12 - Buffer Overflow via CWD or LIST Command
Details
Vulnerabilities
5,363