CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

5,290 vulnerabilities with CWE-284
CVE-2025-50071 MEDIUM
Oracle E-Business Suite <12.2.15 - RCE
CVSS 6.4
CVE-2025-50070 MEDIUM
Oracle Database Server <23.9 - Info Disclosure
CVSS 5.3
CVE-2025-50060 HIGH
Oracle BI Publisher 7.6.0.0.0, 8.2.0.0.0, 12.2.1.4.0 - Authenticated Improper Access Control in Web Server
CVSS 8.1
CVE-2025-50059 HIGH
Oracle Jdk - Improper Access Control
CVSS 8.6
CVE-2025-30760 MEDIUM
Oracle JD Edwards EnterpriseOne Tools 9.2.0.0-9.2.9.3 - Authenticated Improper Access Control in Web Runtime SEC
CVSS 5.4
CVE-2025-30759 MEDIUM
Oracle Business Intelligence Enterprise Edition 7.6.0.0.0, 8.2.0.0.0, 12.2.1.4.0 - Unauthenticated Access Control Bypass
CVSS 6.1
CVE-2025-30754 MEDIUM
Oracle GraalVM for JDK 17.0.15, 21.0.7, 24.0.1 - Unauthenticated Improper Access Control via TLS
CVSS 4.8
CVE-2025-7627 MEDIUM
kkFileViewOfficeEdit < 2019-03-19 - Unrestricted File Upload via File Parameter in fileUpload Function
CVSS 6.3
CVE-2025-7576 HIGH
Teledyne FLIR FB- and FH-Series 1.3.2.16 - Improper Access Controls
CVSS 7.3
CVE-2025-7573 MEDIUM
LB-LINK BL-AC1900, BL-AC2100_AZ3, BL-AC3600, BL-AX1800, BL-AX5400P, BL-WR9000 < 20250702 - Information Disclosure
CVSS 5.3
CVE-2025-7572 MEDIUM
LB-LINK BL-AC1900, BL-AC2100_AZ3, BL-AC3600, BL-AX1800, BL-AX5400P, BL-WR9000 < 20250702 - Information Disclosure
CVSS 5.3
CVE-2025-7565 MEDIUM
LB-LINK BL-AC3600 <1.0.22 - Info Disclosure
CVSS 5.3
CVE-2025-7552 MEDIUM
Dromara Northstar <7.3.5 - Improper Access Controls
CVSS 6.3
CVE-2025-7547 HIGH
Campcodes Online Movie Theater Seat Reservation System - Improper Access Control
CVSS 7.3
CVE-2025-7538 HIGH
Campcodes Sales and Inventory System 1.0 - Unrestricted Upload
CVSS 7.3
CVE-2025-7487 MEDIUM
JoeyBling SpringBoot_MyBatisPlus <a6a825513bd688f717dbae3a196bc9c96...
CVSS 6.3
CVE-2025-7477 MEDIUM
Simple Car Rental System 1.0 - Unrestricted Upload
CVSS 4.7
CVE-2025-7470 HIGH
Campcodes Sales & Inventory System 1.0 - Unrestricted Upload
CVSS 7.3
CVE-2025-52963 MEDIUM
Juniper Junos < 21.2 - Improper Access Control
CVSS 5.5
CVE-2025-7413 MEDIUM
code-projects Library System 1.0 - Unrestricted Upload
CVSS 6.3
CVE-2025-7412 MEDIUM
code-projects Library System 1.0 - Unrestricted Upload
CVSS 6.3
CVE-2025-23048 CRITICAL
Apache HTTP Server 2.4.35-2.4.63 - Access Control Bypass via TLS 1.3 Session Resumption
CVSS 9.1
CVE-2025-44525 MEDIUM
Texas Instruments CC2652RB LaunchPad SimpleLink CC13XX CC26XX SDK 7...
CVSS 6.5
CVE-2025-44526 MEDIUM
Realtek RTL8762E SDK V1.4.0 - Denial of Service via BLE LL_Length_Req Packet
CVSS 6.5
CVE-2025-7210 MEDIUM
Fabian Ros Library Management System 2.0 - Unrestricted File Upload via admin/profile_update.php photo Parameter
CVSS 6.3
Details
Vulnerabilities 5,290
Links
MITRE CWE Entry Search this CWE With Exploits