CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

5,300 vulnerabilities with CWE-284
CVE-2024-13067 MEDIUM
CodeAstro Online Food Ordering System 1.0 - Info Disclosure
CVSS 5.3
CVE-2024-13042 MEDIUM
Tsinghua Unigroup Electronic Archives Management System 3.2.210802 ...
CVSS 4.3
CVE-2024-13030 HIGH
D-Link DIR-823G 1.0.2B05_20181207 - Improper Access Controls
CVSS 7.3
CVE-2024-13022 MEDIUM
Taisan Tarzan-cms 1.0.0 - Unrestricted Upload
CVSS 6.3
CVE-2024-50945 HIGH
SimplCommerce - Improper Access Control
CVSS 7.5
CVE-2024-12984 MEDIUM
Amcrest <20241211 - Info Disclosure
CVSS 5.3
CVE-2024-12956 MEDIUM
1000 Projects Portfolio Management System MCA 1.0 - Unrestricted File Upload via ach_certy Argument
CVSS 6.3
CVE-2024-12954 MEDIUM
1000 Projects Portfolio Management System MCA 1.0 - Unrestricted File Upload via ach_certy Argument
CVSS 6.3
CVE-2024-12953 MEDIUM
1000 Projects Portfolio Management System MCA 1.0 - Unrestricted File Upload via /update_pd_process.php Profile Argument
CVSS 6.3
CVE-2024-12951 MEDIUM
Portfolio Management System MCA 1.0 - Unrestricted File Upload via /add_personal_details.php
CVSS 6.3
CVE-2024-12896 MEDIUM
Intelbras VIP S3020 G2-20241222 - Info Disclosure
CVSS 5.3
CVE-2024-56335 HIGH
vaultwarden < 1.32.7 - Authenticated Privilege Escalation and Denial of Service via Group Manipulation
CVSS 7.6
CVE-2024-56330 CRITICAL
Stardust <12/20/24 - Info Disclosure
CVE-2024-9503 MEDIUM
Maintenance & Coming Soon Redirect Animation <2.1.3 - Info Disclosure
CVSS 4.3
CVE-2024-11358 MEDIUM
Mattermost Android Mobile Apps <=2.21.0 - Info Disclosure
CVSS 5.7
CVE-2024-12478 MEDIUM
InvoicePlane < 1.6.1 - Unrestricted File Upload via /index.php/upload/upload_file/1/1
CVSS 6.3
CVE-2024-24902 MEDIUM
Dell RecoverPoint for VMs 6.0.x - Info Disclosure
CVSS 6.6
CVE-2024-54096 MEDIUM
Huawei EMUI and HarmonyOS - Improper Access Control in MTP Module
CVSS 5.3
CVE-2024-10124 CRITICAL
Vayu Blocks - Unauthorized Plugin Installation
CVSS 9.8
CVE-2024-49107 HIGH
Windows 10 1507-22H2, Windows 11 22H2-24H2, Windows Server 2016-2019 - Elevation of Privilege via WmsRepair Service
CVSS 7.3
CVE-2024-49105 HIGH
Remote Desktop Client - Remote Code Execution
CVSS 8.4
CVE-2024-49068 HIGH
Microsoft SharePoint Server - Elevation of Privilege
CVSS 8.2
CVE-2024-43600 HIGH
Microsoft Office - Elevation of Privilege
CVSS 7.8
CVE-2024-43594 HIGH
Microsoft System Center 2019 < 10.19.10050.0, 2022 < 10.22.10118.0, 2025 < 10.25.10132.0 - Elevation of Privilege
CVSS 7.3
CVE-2024-48912 HIGH
GLPI 10.0.0-10.0.16 - Authenticated Arbitrary User Account Deletion via Application Endpoint
CVSS 8.1