Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-284

CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

5,289 vulnerabilities with CWE-284

CVE-2025-54116 HIGH

Windows MultiPoint Services - Improper Access Control

CVE-2025-54098 HIGH

Windows Hyper-V - Authenticated Privilege Escalation via Improper Access Control

CVE-2025-49692 HIGH

Azure Connected Machine Agent < 1.49 - Authenticated Privilege Escalation

CVE-2025-10116 HIGH

SiempreCMS <1.3.6 - Unrestricted Upload

CVE-2025-58752 MEDIUM

Vite <7.1.5, 7.0.7, 6.3.6, 5.4.20 - Info Disclosure

CVE-2025-58751 MEDIUM

Vite <7.1.5, <7.0.7, <6.3.6, <5.4.20 - Auth Bypass

CVE-2025-10093 MEDIUM

D-Link DIR-852 up to 1.00CN B09 - Information Disclosure via getcfg.php Device Configuration Handler

CVE-2025-10085 MEDIUM

SourceCodester Pet Grooming Management Software 1.0 - Unrestricted File Upload in manage_website.php

CVE-2025-10083 MEDIUM

Pet Grooming Management Software 1.0 - Unrestricted File Upload in /admin/profile.php

CVE-2025-10081 MEDIUM

Pet Grooming Management Software - Unrestricted File Upload in Profile Image Handler

CVE-2025-10072 MEDIUM

Portabilis i-educar < 2.10.0 - Incorrect Privilege Assignment in /matricula/[ID_STUDENT]/enturmar/ Endpoint

CVE-2025-10071 MEDIUM

Portabilis i-educar < 2.10.0 - Incorrect Privilege Assignment in /cancelar-enturmacao-em-lote/ Endpoint

CVE-2025-10070 MEDIUM

Portabilis i-educar < 2.10.0 - Incorrect Privilege Assignment in /enturmacao-em-lote/ Endpoint

CVE-2025-53791 MEDIUM

Microsoft Edge Chromium < 140.0.3485.54 - Improper Access Control

CVE-2025-10013 MEDIUM

Portabilis i-educar < 2.10.0 - Incorrect Privilege Assignment in /exportacao-para-o-seb Endpoint

CVE-2025-55244 CRITICAL

Azure Bot Service - Privilege Escalation

CVE-2025-55238 HIGH

Dynamics 365 FastTrack Implementation Assets - Info Disclosure

CVE-2025-54914 CRITICAL

Azure Networking - Improper Access Control

CVE-2025-26424 MEDIUM

Android - Local Information Disclosure via VpnManager Logic Error

CVE-2025-9942 MEDIUM

CodeAstro Real Estate Management System 1.0 - Unrestricted File Upload in /submitproperty.php

CVE-2025-9941 MEDIUM

CodeAstro Real Estate Management System 1.0 - Unrestricted File Upload via register.php uimage Parameter

CVE-2025-36909 MEDIUM

Android - Information Disclosure

CVE-2025-20335 MEDIUM

Cisco Desk Phone/Cisco IP Phone/Cisco Video Phone - Info Disclosure

CVE-2025-58459 MEDIUM

Jenkins global-build-stats Plugin < 322.v22f4db_18e2dd - Improper Access Control in REST API Endpoints

CVE-2025-21031 MEDIUM

Samsung Android - Improper Access Control in ImsService

Previous Page 58 of 212 Next

Details

Vulnerabilities 5,289

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy