Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-284

CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

5,300 vulnerabilities with CWE-284

CVE-2025-23367 MEDIUM

Red Hat JBoss Enterprise Application Platform 7.4 - Improper Access Control in Suspend and Resume Handlers

CVE-2025-0745 HIGH

EmbedAI < 2.1 - Authenticated Improper Access Control via Database Backup Endpoint

CVE-2025-0744 HIGH

EmbedAI <2.1 - Privilege Escalation

CVE-2025-0743 MEDIUM

EmbedAI < 2.1 - Authenticated Improper Access Control via Visits Endpoint

CVE-2025-0742 MEDIUM

EmbedAI < 2.1 - Authenticated Improper Access Control via FILE_ID Parameter

CVE-2025-0741 MEDIUM

EmbedAI <2.1 - Privilege Escalation

CVE-2025-0740 HIGH

EmbedAI < 2.1 - Authenticated Improper Access Control via CHAT_ID Parameter

CVE-2025-0739 HIGH

EmbedAI < 2.1 - Authenticated Improper Access Control via SUSCBRIPTION_ID Parameter

CVE-2025-0802 HIGH

SourceCodester Best Employee Management System 1.0 - Info Disclosure

CVE-2025-0783 MEDIUM

Pankajindevops <20241113 - Info Disclosure

CVE-2025-24365 HIGH

vaultwarden < 1.33.0 - Improper Access Control

CVE-2025-0722 MEDIUM

needyamin image_gallery 1.0 - Unrestricted Upload

CVE-2025-0702 MEDIUM

JoeyBling bootplus < 2020-08-24 - Unrestricted File Upload via PortraitFile Argument

CVE-2025-0650 HIGH

Open Virtual Network - Crafted UDP Packet Egress ACL Bypass

CVE-2025-23083 HIGH

Node.js 20.x-20.18.1, 22.x-22.13.0, 23.x-23.6.0 - Permission Model Bypass via Worker Thread Hook

CVE-2025-0582 MEDIUM

itsourcecode Farm Management System <1.0 - Unrestricted Upload

CVE-2025-21185 MEDIUM

Microsoft Edge Chromium < 132.0.2957.115 - Elevation of Privilege

CVE-2025-0481 MEDIUM

D-Link DIR-878 1.03 - Info Disclosure

CVE-2025-21405 HIGH

Visual Studio 2022 17.12.0-17.12.4 - Elevation of Privilege

CVE-2025-21340 MEDIUM

Windows 10/11, Server 2019/2022/2025 - VBS Security Feature Bypass

CVE-2025-21301 MEDIUM

Windows Geolocation Service - Information Disclosure

CVE-2025-21293 HIGH

Windows 10 1507-24H2 and Windows Server 2012-2016 - Active Directory Domain Services Elevation of Privilege

CVE-2025-21213 MEDIUM

Windows 10 1507-22H2, Windows 11 22H2-24H2, Windows Server 2012/2016 - Secure Boot Security Feature Bypass

CVE-2025-21202 MEDIUM

Windows Recovery Environment Agent - Elevation of Privilege

CVE-2025-0463 MEDIUM

Shanghai Lingdang Information Technology Lingdang CRM up to 8.6.0.0 - Unrestricted File Upload via UsersAjax Module

Previous Page 85 of 212 Next

Details

Vulnerabilities 5,300

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy