Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-284

CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

5,270 vulnerabilities with CWE-284

CVE-2025-43416 MEDIUM

macOS <26.2, <15.7.3, <14.8.3 - Info Disclosure

CVE-2025-43404 LOW

macOS Tahoe <26.1 - Info Disclosure

CVE-2025-43393 MEDIUM

macOS Tahoe <26.1 - Privilege Escalation

CVE-2025-43351 MEDIUM

macOS < 26.1 - Unprotected User Data Exposure via Permissions Issue

CVE-2025-66430 CRITICAL

Plesk 18.0.70-18.0.73.4 and 18.0.74 - Improper Access Control

CVE-2025-64669 HIGH

Windows Admin Center < 2511 and 1809.0-2.6.5.16 - Authenticated Privilege Escalation

CVE-2025-14530 MEDIUM

Real Estate Property Listing App 1.0 - Unrestricted File Upload via Image Argument in /admin/property.php

CVE-2025-14528 MEDIUM

D-Link DIR-803 <1.04 - Info Disclosure

CVE-2025-14522 MEDIUM

baowzh hfly < 2016-05-11 - Unrestricted File Upload via imgFile Parameter

CVE-2025-67510 CRITICAL

neuron-ai < 2.8.12 - Unauthenticated Arbitrary SQL Execution via MySQLWriteTool

CVE-2025-24857 HIGH

U-Boot <2017.11 - Memory Corruption

CVE-2025-14082 LOW

Keycloak < 26.5.0 - Unauthenticated Sensitive Role Metadata Exposure via Admin REST API

CVE-2025-64897 MEDIUM

ColdFusion <= 2025.4, 2023.16, 2021.22 - Improper Access Control

CVE-2025-65594 HIGH

OpenSIS < 9.2 - Authenticated Incorrect Access Control in Student.php

CVE-2025-64673 HIGH

Windows 10/11 & Server 2019/2022/2025 - Privilege Escalation via Storvsp.sys

CVE-2025-62570 HIGH

Windows 11 24H2/25H2 and Windows Server 2025 - Information Disclosure via Camera Frame Server Monitor

CVE-2025-62474 HIGH

Windows Remote Access Connection Manager - Authenticated Privilege Escalation via Improper Access Control

CVE-2025-59923 LOW

Fortinet FortiAuthenticator 6.3.0-6.6.6 - Authenticated Credential Disclosure via Crafted Requests

CVE-2025-59810 MEDIUM

FortiSOAR 7.3.0-7.5.1, 7.6.0-7.6.2 - Authenticated Information Disclosure via Crafted Requests

CVE-2025-59517 HIGH

Windows Storage VSP Driver - Authenticated Privilege Escalation

CVE-2025-63739 MEDIUM

Xinhu Rainrock RockOA <2.7.0 - Command Injection

CVE-2025-40939 MEDIUM

SIMATIC CN 4100 < 4.0.1 - Unauthenticated Denial of Service via USB Port

CVE-2025-14286 MEDIUM

Tenda AC9 15.03.05.14_multi - Info Disclosure

CVE-2025-65797 MEDIUM

usememos memos <0.25.2 - Privilege Escalation

CVE-2025-65795 HIGH

usememos memos <0.25.2 - Privilege Escalation

Previous Page 42 of 211 Next

Details

Vulnerabilities 5,270

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy