Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-284

CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

5,270 vulnerabilities with CWE-284

CVE-2025-13185 MEDIUM

Bdtask News365 < 7.0.3 - Unrestricted File Upload via Profile Image/Banner Image Argument

CVE-2025-54561 MEDIUM

Desktop Alert PingAlert Application Server 6.1.0.11-6.1.1.2 - Incorrect Access Control via Broken Authorization Schema

CVE-2025-54343 CRITICAL

Desktop Alert PingAlert Application Server 6.1.0.11-6.1.1.2 - Remote Privilege Escalation

CVE-2025-54339 CRITICAL

Desktop Alert PingAlert Application Server 6.1.0.11-6.1.1.2 - Incorrect Access Control

CVE-2025-64746 MEDIUM

Directus < 11.13.0 - Improper Access Control via Stale Field Permission References

CVE-2025-47222 MEDIUM

Keyfactor SignServer < 7.3.2 - Class Name Enumeration via Property Class Path

CVE-2025-47221 MEDIUM

Keyfactor SignServer < 7.3.1 - Authenticated Arbitrary File Write via Archive Configuration Properties

CVE-2025-47220 MEDIUM

Keyfactor SignServer < 7.3.2 - Local File Enumeration via VISIBLE_SIGNATURE_CUSTOM_IMAGE_PATH

CVE-2025-46362 MEDIUM

Dell Alienware Command Center <6.10.15.0 - Info Disclosure

CVE-2025-43515 HIGH

Compressor < 4.11.1 - Unauthenticated Remote Code Execution

CVE-2025-64706 MEDIUM

typebot 3.9.0-3.12.9 - Authenticated Insecure Direct Object Reference in API Token Management

CVE-2025-20341 HIGH

Cisco Catalyst Center Virtual Appliance - Privilege Escalation

CVE-2025-46608 CRITICAL

Dell Data Lakehouse <1.6.0.0 - Privilege Escalation

CVE-2025-13061 MEDIUM

Online Voting System 1.0 - Unrestricted File Upload in manage_voting Page

CVE-2025-63353 CRITICAL

FiberHome GPON ONU HG6145F1 RP4423 - Info Disclosure

CVE-2025-63667 HIGH

SIMICAM KEVIEW ASECAM IP Camera Firmware - Unauthenticated Sensitive API Endpoint Access

CVE-2025-63666 CRITICAL

Tenda AC15 v15.03.05.18_multi - Info Disclosure

CVE-2025-60705 HIGH

Windows Client-Side Caching - Privilege Escalation

CVE-2025-59512 HIGH

Windows 10 1607-22H2, Windows 11 23H2-25H2, Windows Server 2012-2019 Privilege Escalation via CEIP

CVE-2025-47179 MEDIUM

Microsoft Configuration Manager 2403 - Improper Access Control

CVE-2025-32037 LOW

Intel(R) PresentMon < 2.3.1 - Denial of Service via Improper Access Control

CVE-2025-24516 MEDIUM

Intel(R) CIP <WIN_DCA_2.4.0.11001 - Info Disclosure

CVE-2025-24314 LOW

Intel Computing Improvement Program < 2.4.11001 - Information Disclosure via Improper Access Control

CVE-2025-22391 MEDIUM

SigTest <6.1.10 - Privilege Escalation

CVE-2025-60876 MEDIUM

BusyBox < 1.37.0 - HTTP Request Smuggling via C0 Control Bytes in wget

Previous Page 46 of 211 Next

Details

Vulnerabilities 5,270

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy