Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-284

CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

5,300 vulnerabilities with CWE-284

CVE-2025-3764 MEDIUM

Senior-walter Web-based Pharmacy Product Management System - Improper Access Control

CVE-2025-3113 CRITICAL

Continuous Compliance - Info Disclosure

CVE-2025-1568 HIGH

Google ChromeOS 16063.87.0 - Remote Code Execution and Denial of Service via Gerrit Project Configuration

CVE-2025-3675 MEDIUM

TOTOLINK A3700R 9.1.2u.5822_B20200513 - Improper Access Control in setL2tpServerCfg

CVE-2025-3674 MEDIUM

TOTOLINK A3700R 9.1.2u.5822_B20200513 - Improper Access Control in setUrlFilterRules Function

CVE-2025-3668 MEDIUM

TOTOLINK A3700R 9.1.2u.5822_B20200513 - Improper Access Control in setScheduleCfg Function

CVE-2025-3667 MEDIUM

TOTOLINK A3700R 9.1.2u.5822_B20200513 - Improper Access Control in setUPnPCfg Function

CVE-2025-3666 MEDIUM

TOTOLINK A3700R 9.1.2u.5822_B20200513 - Improper Access Control in setDdnsCfg Function

CVE-2025-3665 MEDIUM

TOTOLINK A3700R 9.1.2u.5822_B20200513 - Improper Access Control in setSmartQosCfg

CVE-2025-3664 MEDIUM

TOTOLINK A3700R 9.1.2u.5822_B20200513 - Improper Access Control in setWiFiEasyGuestCfg

CVE-2025-3663 MEDIUM

TOTOLINK A3700R 9.1.2u.5822_B20200513 - Improper Access Control in Password Handler

CVE-2025-30100 MEDIUM

Dell Alienware Command Center <6.7.37.0 - Privilege Escalation

CVE-2025-30740 MEDIUM

Oracle JD Edwards EnterpriseOne Tools 9.2.0.0-9.2.9.2 - Unauthorized Data Access via Web Runtime SEC

CVE-2025-30736 HIGH

Oracle Java VM 19.3-19.26, 21.3-21.17, 23.4-23.7 - Unauthenticated Improper Access Control

CVE-2025-30735 HIGH

Oracle PeopleSoft Enterprise CC Common Application Objects 9.2 - Improper Access Control in Page and Field Configuration

CVE-2025-30732 MEDIUM

Oracle Application Object Library 12.2.3-12.2.14 - Unauthenticated Improper Access Control via HTTP

CVE-2025-30731 LOW

Oracle Applications Technology Stack 12.2.3-12.2.14 - Unauthenticated Improper Access Control in Configuration

CVE-2025-30729 MEDIUM

Oracle Communications Order and Service Management 7.4.0/7.4.1/7.5.0 - Unauthorized Data Access and Partial DoS

CVE-2025-30728 HIGH

Oracle Configurator 12.2.3-12.2.14 - Unauthenticated Unauthorized Data Access via HTTP

CVE-2025-30726 MEDIUM

Oracle Application Object Library 12.2.3-12.2.14 - Unauthenticated Unauthorized Data Read via HTTP

CVE-2025-30714 MEDIUM

Oracle MySQL Connectors 9.0.0-9.2.0 - Unauthorized Data Access via Connector/Python

CVE-2025-30713 MEDIUM

Oracle PeopleSoft Enterprise HCM Talent Acquisition Manager 9.2 - Improper Access Control in Job Opening

CVE-2025-30711 MEDIUM

Oracle Applications Framework 12.2.3-12.2.14 - Authenticated Improper Access Control in Attachments File Upload

CVE-2025-30710 MEDIUM

MySQL Cluster 8.0.0-8.0.41, 8.4.0-8.4.4, 9.0.0-9.2.0 - Authenticated Denial of Service in NDBCluster Plugin

CVE-2025-30709 MEDIUM

Oracle JD Edwards EnterpriseOne Tools 9.2.0.0-9.2.9.2 - Unauthenticated Improper Access Control via Web Runtime SEC

Previous Page 75 of 212 Next

Details

Vulnerabilities 5,300

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy