Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-284

CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

5,300 vulnerabilities with CWE-284

CVE-2025-4752 MEDIUM

D-Link DI-7003GV2 24.04.18D1 R(68125) - Information Disclosure via /install_base.data

CVE-2025-4751 MEDIUM

D-Link DI-7003GV2 24.04.18D1 R(68125) - Information Disclosure via /index.data

CVE-2025-4750 MEDIUM

D-Link DI-7003GV2 24.04.18D1 R(68125) - Information Disclosure in Configuration Handler

CVE-2025-4735 MEDIUM

Campcodes Sales and Inventory System 1.0 - Unrestricted File Upload via Picture Parameter in product.php

CVE-2025-47161 HIGH

Microsoft Defender for Endpoint < 101.25022.0002 - Privilege Escalation

CVE-2025-47884 CRITICAL

Jenkins OpenID Connect Provider Plugin < 96.vee8ed882ec4d - Impersonation via Environment Variable Override

CVE-2025-43563 CRITICAL

ColdFusion 2025.1 2023.13 2021.19 and earlier - Authenticated Arbitrary File System Read

CVE-2025-22844 MEDIUM

Intel(R) Tiber Edge Platform - Info Disclosure

CVE-2025-20100 HIGH

Intel(R) Xeon(R) 6 - Privilege Escalation

CVE-2025-20076 MEDIUM

Intel(R) Tiber Edge Platform - Privilege Escalation

CVE-2025-20052 HIGH

Intel(R) Graphics software - Authenticated Denial of Service via Local Access

CVE-2025-29973 HIGH

Azure File Sync - Privilege Escalation

CVE-2025-31260 MEDIUM

macOS < 15.5 - Unprotected User Data Exposure via Permissions Issue

CVE-2025-31258 MEDIUM

macOS < 15.5 - Sandbox Escape via Vulnerable Code Removal

CVE-2025-31247 HIGH

macOS < 13.7.6, < 14.7.6, < 15.5 - Unprotected File System Access via Logic Issue

CVE-2025-31232 HIGH

macOS < 13.7.6, < 14.7.6, < 15.5 - Unprotected User Data Exposure via Sandbox Bypass

CVE-2025-31212 MEDIUM

iPadOS < 18.5 - Unauthorized Sensitive Data Access

CVE-2025-31195 MEDIUM

macOS < 15.4 - Sandbox Escape via Improper Access Control

CVE-2025-30436 CRITICAL

iPadOS < 18.4 - Improper Access Control via Siri Auto-Answer Calls

CVE-2025-4538 MEDIUM

kkFileView 4.4.0 - Unauthenticated Arbitrary File Upload via /fileUpload Endpoint

CVE-2025-4536 MEDIUM

Gosuncn Audio-Visual Platform 1.0 Information Disclosure via /sysmgr/user/listByPage

CVE-2025-4535 MEDIUM

Gosuncn Audio-Visual Platform 4.0 - Configuration File Information Disclosure

CVE-2025-28201 MEDIUM

Victure RX1800 EN_V1.0.0_r12_110933 - Unauthenticated Arbitrary Code Execution

CVE-2025-4468 HIGH

Online Student Clearance System 1.0 - Unrestricted File Upload via userImage Parameter

CVE-2025-33072 HIGH

msagsfeedback.azurewebsites.net - Unauthenticated Information Disclosure

Previous Page 71 of 212 Next

Details

Vulnerabilities 5,300

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy