Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-284

CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

5,270 vulnerabilities with CWE-284

CVE-2026-21635 MEDIUM

UniFi Connect EV Station Lite Firmware < 1.6.1 - Improper Access Control via WiFi AutoLink Feature

CVE-2026-0577 MEDIUM

Online Product Reservation System 1.0 - Unrestricted File Upload in prod.php

CVE-2026-21447 HIGH

Bagisto < 2.3.10 - Authenticated Insecure Direct Object Reference via Order ID Parameter

CVE-2026-0566 MEDIUM

code-projects Content Management System 1.0 - Unrestricted File Upload via Image Argument

CVE-2026-0547 MEDIUM

Online Course Registration < 3.1 - Unrestricted File Upload via Student Registration Page

CVE-2025-66391 HIGH

Citrix Cloud through 2025-11-10 - Authenticated Workflow Bypass via Read-Only Access

CVE-2025-46315 HIGH

Apple macOS < 26.1 - Improper Access Control

CVE-2025-46308 MEDIUM

Apple Ios And iPadOS - Improper Access Control

CVE-2025-43339 MEDIUM

Apple macOS < 26.1 - Improper Access Control

CVE-2025-24165 MEDIUM

macOS < 13.7.5, < 14.7.5, < 15.4 - Denial of Service via Permissions Issue

CVE-2025-22426 HIGH

Android 14-16 ComputerEngine - Cross-User URI Access Privilege Escalation

CVE-2025-46307 MEDIUM

macOS < 26 - Unprotected User Data Exposure via Logic Issue

CVE-2025-43451 MEDIUM

macOS < 26 - Unprotected User Data Exposure

CVE-2025-67437 MEDIUM

Medical Management System - Unauthenticated Password Reset

CVE-2025-0040 MEDIUM

Amd Ryzen™ 7040 Series Mobile Processors With Radeon™ Graphics - Improper Access Control

CVE-2025-43524 HIGH

macOS Sequoia < 15.7.7, Sonoma < 14.8.7, Tahoe < 26.2 - Sandbox Escape via Improper Access Control

CVE-2025-9973 MEDIUM

Authorization Bypass via Adaptive Authentication in WSO2 Identity Server Allows Cross-Organization Account Takeover

CVE-2025-69691 CRITICAL

Netgate pfSense CE 2.8.0 - Code Injection

CVE-2025-67796 HIGH

IKUS Rdiffweb <2.10.5 - Privilege Escalation

CVE-2025-67259 MEDIUM

ClassroomIO 0.1.13 - Broken Access Control

CVE-2025-59308 MEDIUM

Mahara <24.04.10/25<25.04.1 - Privilege Escalation

CVE-2025-56015 HIGH

GenieACS 1.2.13 - Unauthenticated Improper Access Control in NBI API Endpoint

CVE-2025-69988 MEDIUM

BS Producten Petcam 33.1.0.0818 - Auth Bypass

CVE-2025-55261 HIGH

HCL Aftermarket DPC is affected by Missing Functional Level Access Control

CVE-2025-43534 MEDIUM

iOS and iPadOS < 18.7.7 and < 26.2 - Unprotected User Data Exposure via Path Handling Issue

Previous Page 37 of 211 Next

Details

Vulnerabilities 5,270

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy