Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-284

CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

5,290 vulnerabilities with CWE-284

CVE-2025-8764 MEDIUM

linlinjava litemall < 1.8.0 - Unrestricted File Upload via /wx/storage/upload

CVE-2025-8738 MEDIUM

zlt2000 microservices-platform <6.0.0 - Info Disclosure

CVE-2025-54397 MEDIUM

Netwrix Directory Manager 11.0.0.0-11.1.25162.02 - Authenticated Sensitive Information Exposure via Sent Data

CVE-2025-54786 MEDIUM

SuiteCRM 7.14.6 and 8.8.0 - Unauthenticated Meeting Data Access via Legacy iCal Service

CVE-2025-51054 MEDIUM

Vedo Suite 2024.17 - Info Disclosure

CVE-2025-30127 CRITICAL

Marbella KR8s Dashcam FF <2.0.8 - Info Disclosure

CVE-2025-51532 HIGH

Sage DPW < 2025_06_000 - Unauthenticated Database Monitor Access via Crafted Request

CVE-2025-46391 MEDIUM

Emby MediaBrowser 4.9.0.35 - Improper Access Control

CVE-2025-27062 HIGH

Product <Version - Memory Corruption

CVE-2025-51627 MEDIUM

Agenzia Impresa Eccobook v2.81.1 - Privilege Escalation

CVE-2025-51060 MEDIUM

CPUID cpuz.sys 1.0.5.4 - Unauthenticated Arbitrary Code Execution via DeviceIoControl

CVE-2025-43980 MEDIUM

FIRSTNUM JC21A-04 - Info Disclosure

CVE-2025-54871 MEDIUM

electroncapture < 2.20.0 - Local Privilege Escalation via ELECTRON_RUN_AS_NODE Environment Variable

CVE-2025-8526 MEDIUM

Exrick xboot < 3.3.4 - Unrestricted File Upload via UploadController

CVE-2025-8525 MEDIUM

Exrick xboot < 3.3.4 - Information Disclosure in Spring Boot Admin/Spring Actuator

CVE-2025-8519 LOW

vvveb < 1.0.6 - Information Disclosure via Drag-and-Drop Editor URL Parameter

CVE-2025-8515 LOW

Intelbras InControl 2.21.60.9 - Exposure of Sensitive Information via /v1/operador/ JSON Endpoint

CVE-2025-8504 MEDIUM

Kitchen Treasure 1.0 - Unrestricted File Upload via User Registration Photo Parameter

CVE-2025-23277 HIGH

NVIDIA Display Driver - Memory Corruption

CVE-2025-50870 CRITICAL

Institute-of-Current-Students 1.0 - Info Disclosure

CVE-2025-26062 CRITICAL

Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 - Unauthenticated Sensitive Information Exposure via Settings File Access

CVE-2025-50850 HIGH

CS-Cart 4.18.3 - Unauthenticated Brute-Force Attack via Vendor Login Endpoint

CVE-2025-29556 HIGH

ExaGrid EX10 <7.0.1.P08 - Privilege Escalation

CVE-2025-52289 HIGH

MagnusBilling 7.8.5.3 - Unauthenticated Privilege Escalation via Crafted User Save Request

CVE-2025-29557 MEDIUM

ExaGrid EX10 6.3-7.0.1.P08 - Info Disclosure

Previous Page 62 of 212 Next

Details

Vulnerabilities 5,290

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy