Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-284

CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

5,280 vulnerabilities with CWE-284

CVE-2025-58726 HIGH

Windows SMB Server - Privilege Escalation

CVE-2025-58724 HIGH

Azure Connected Machine Agent - Privilege Escalation

CVE-2025-58714 HIGH

Windows Ancillary Function Driver - Privilege Escalation

CVE-2025-55694 HIGH

Windows Error Reporting - Privilege Escalation

CVE-2025-55240 HIGH

Visual Studio - Privilege Escalation

CVE-2025-54603 MEDIUM

Claroty Secure Access <4.0.2 - Privilege Escalation

CVE-2025-47989 HIGH

Azure Connected Machine Agent < 1.57 - Authenticated Privilege Escalation

CVE-2025-37143 MEDIUM

ArubaOS 8.10.0.0-8.10.0.18 - Authenticated Arbitrary File Download via Web Management Interface

CVE-2025-37142 MEDIUM

ArubaOS 8.10.0.0-8.10.0.18 - Authenticated Arbitrary File Download via CLI Binary

CVE-2025-37141 MEDIUM

ArubaOS 8.10.0.0-8.10.0.18 - Authenticated Arbitrary File Download via CLI Binary

CVE-2025-37140 MEDIUM

ArubaOS 8.10.0.0-8.10.0.18 - Authenticated Arbitrary File Download via CLI Binary

CVE-2025-37137 MEDIUM

ArubaOS 8.10.0.0-8.10.0.18 - Authenticated Arbitrary File Deletion via Command-Line Interface

CVE-2025-37136 MEDIUM

ArubaOS 8.10.0.0-8.10.0.18 - Authenticated Arbitrary File Deletion via Command-Line Interface

CVE-2025-37135 MEDIUM

ArubaOS 8.10.0.0-8.10.0.18 - Authenticated Arbitrary File Deletion via Command-Line Interface

CVE-2025-25004 HIGH

Microsoft PowerShell - Privilege Escalation

CVE-2025-0033 MEDIUM

AMD EPYC 7003 and 9005 Series Processors - Authenticated Memory Integrity Loss via SEV-SNP RMP Write

CVE-2025-11716 MEDIUM

Firefox < 144.0 - Unauthenticated External App Launch via Sandboxed Iframe Links

CVE-2025-27258 CRITICAL

Ericsson Network Manager <25.1 GA - Privilege Escalation

CVE-2025-11660 HIGH

ProjectsAndPrograms School Management System - Unrestricted File Upload via /assets/uploadSllyabus.php File Parameter

CVE-2025-11659 HIGH

ProjectsAndPrograms School Management System - Unrestricted File Upload via /assets/uploadNotes.php File Parameter

CVE-2025-11658 HIGH

oranbyte school_management_system - Unrestricted File Upload via changeSllyabus.php File Parameter

CVE-2025-11657 HIGH

ProjectsAndPrograms School Management System - Unrestricted File Upload via File Argument in createNotice.php

CVE-2025-11656 HIGH

oranbyte school_management_system - Unrestricted File Upload via File Argument in editNotes.php

CVE-2025-11655 MEDIUM

Total.js Flow <673ef9144dd25d4f4fd4fdfda5af27f230198924 - Unrestric...

CVE-2025-11647 LOW

Furbo 360 Dog Camera <036 & Mini <074 - Sensitive Info Exposure via GATT

Previous Page 52 of 212 Next

Details

Vulnerabilities 5,280

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy