Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-284

CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

5,300 vulnerabilities with CWE-284

CVE-2024-48905 CRITICAL

Sematell ReplyOne 7.4.3.0 - Improper Access Control in /rest/sessions Endpoint

CVE-2024-30146 MEDIUM

HCL Domino Leap 1.1.3-1.1.4 - Improper Access Control in Application Import Endpoint

CVE-2024-30148 MEDIUM

HCL Leap < 9.3.8 - Improper Access Control via Application Import Endpoint

CVE-2024-53304 MEDIUM

LRQA Nettitude PoshC2 - Unauthenticated Remote Code Execution via Impersonation

CVE-2024-54533 HIGH

macOS < 13.7.5, < 14.7.5, < 15.2 - Unprotected User Data Exposure via Permissions Issue

CVE-2024-55963 MEDIUM

CVE-2024-53348 HIGH

loxilb < 0.9.7 - Improper Access Control

CVE-2024-11045 CRITICAL

automatic1111/stable-diffusion-webui 1.10.0 - Cross-Site WebSocket Hijacking via Unvalidated WebSocket Connection

CVE-2024-44313 HIGH

TastyIgniter < 4.0.0 - Unauthenticated Incorrect Access Control in Orders Invoice Function

CVE-2024-54565 MEDIUM

macOS < 15.2 - Unprotected User Data Exposure

CVE-2024-54559 MEDIUM

macOS < 15.2 - Unprotected User Data Exposure via Improper Access Control

CVE-2024-13430 MEDIUM

Page Builder: Pagelayer < 1.9.8 - Authenticated Information Exposure via pagelayer_builder_posts_shortcode

CVE-2024-9157 HIGH

Synaptics audio drivers - Privilege Escalation

CVE-2024-13635 MEDIUM

VK Blocks <1.94.2.2 - Info Disclosure

CVE-2024-56196 MEDIUM

Apache Traffic Server 10.0.0-10.0.3 - Improper Access Control

CVE-2024-56195 MEDIUM

Apache Traffic Server 9.2.0-9.2.8 10.0.0-10.0.3 - Improper Access Control

CVE-2024-51954 HIGH

ArcGIS Server <11.3 - Privilege Escalation

CVE-2024-37567 CRITICAL

Infoblox NIOS 8.6.0-8.6.4 - Improper Access Control for Grids

CVE-2024-37566 CRITICAL

Infoblox NIOS >=8.6.0 <8.6.4 - Improper Access Control

CVE-2024-38291 HIGH

XIQ-SE <24.2.11 - Privilege Escalation

CVE-2024-53573 CRITICAL

Unifiedtransform v2.X - Unauthenticated Improper Access Control via Teacher Edit Endpoint

CVE-2024-36259 HIGH

Odoo Community/E 17.0 - Info Disclosure

CVE-2024-12368 HIGH

Odoo 15.0 - Authenticated OAuth Token Export via auth_oauth Module

CVE-2024-13693 MEDIUM

Enfold < 6.0.9 - Unauthenticated Sensitive Data Exposure via Missing Capability Check

CVE-2024-53542 MEDIUM

NovaCHRON Smart Time Plus <8.6 - Privilege Escalation

Previous Page 88 of 212 Next

Details

Vulnerabilities 5,300

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy