Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-284

CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

5,289 vulnerabilities with CWE-284

CVE-2025-43207 MEDIUM

macOS < 26 - Unprotected User Data Exposure via Improper Access Control

CVE-2025-43204 HIGH

macOS Tahoe 26 - Privilege Escalation

CVE-2025-31270 MEDIUM

macOS < 26 - Unprotected User Data Exposure via Permissions Issue

CVE-2025-31269 MEDIUM

macOS 14.0-14.7 and <26 - Unprotected User Data Exposure via Permissions Issue

CVE-2025-31268 MEDIUM

macOS < 14.8, < 15.7, < 26 - Unprotected User Data Exposure via Permissions Issue

CVE-2025-24197 MEDIUM

macOS < 14.8, < 15.7, < 26 - Unprotected User Data Exposure via Logic Issue

CVE-2025-24088 HIGH

macOS < 26 - Improper Access Control via MDM Profile Settings Override

CVE-2025-56274 HIGH

Web-based Pharmacy Product Management System 1.0 - Incorrect Access Control

CVE-2025-10480 MEDIUM

Online Student File Management System 1.0 - Unrestricted File Upload via save_file.php

CVE-2025-10491 HIGH

MongoDB <6.0.25-8.0.5 - Code Injection

CVE-2025-10447 HIGH

Campcodes Online Job Finder System 1.0 - Unrestricted File Upload via Picture Argument

CVE-2025-10428 MEDIUM

Pet Grooming Management Software 1.0 - Unrestricted File Upload via SEO Setting Handler

CVE-2025-10427 MEDIUM

SourceCodester Pet Grooming Management Software 1.0 - Unrestricted File Upload via User Profile Image

CVE-2025-10425 HIGH

1000projects Online Student Project Report Submission and Evaluation System 1.0 - Unrestricted File Upload

CVE-2025-10424 HIGH

Online Student Project Report Submission and Evaluation System 1.0 - Unrestricted File Upload via new_image Argument

CVE-2025-10398 MEDIUM

fcba_zzm Smart Park Management System 2.0 - Unrestricted File Upload in FileUploadUtils.java

CVE-2025-10371 HIGH

eCharge Hardy Barth Salia PLCC <2.3.81 - Unrestricted Upload

CVE-2025-45584 HIGH

Audi Universal Traffic Recorder 2.0 - Unauthenticated Sensitive Data Exposure via Web Service

CVE-2025-10321 MEDIUM

Wavlink WL-WN578W2 - Information Disclosure via /live_online.shtml

CVE-2025-27238 LOW

Zabbix 7.0.0-7.0.13 - Unauthenticated Improper Access Control via Host Prototype API

CVE-2025-10247 MEDIUM

JEPaaS 7.2.8 - Incorrect Privilege Assignment in Filter Handler

CVE-2025-10201 HIGH

Google Chrome < 140.0.7339.127 - Site Isolation Bypass via Mojo

CVE-2025-20159 MEDIUM

Cisco IOS XR Software - Unauthenticated ACL Bypass for SSH, NetConf, and gRPC

CVE-2025-56406 HIGH

mcp-neo4j 0.3.0 - Unauthenticated Exposure of Sensitive Information via SSE Service

CVE-2025-56405 HIGH

litmus mcp_server - Unauthenticated Improper Access Control via SSE Protocol

Previous Page 57 of 212 Next

Details

Vulnerabilities 5,289

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy