Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-284

CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

5,300 vulnerabilities with CWE-284

CVE-2024-46280 HIGH

PIX-LINK LV-WR22 RE3002-P1-01_V117.0 - Info Disclosure

CVE-2024-9321 MEDIUM

SourceCodester Online Railway Reservation System 1.0 - Improper Access Control in Admin Inquiry Details

CVE-2024-9298 MEDIUM

SourceCodester Online Railway Reservation System 1.0 - Improper Access Control in Ticket Handler

CVE-2024-46097 HIGH

TestLink 1.9.20 - Incorrect Access Control in TestPlan Editing

CVE-2024-46627 CRITICAL

BECN DATAGERRY v2.2 - Improper Access Control

CVE-2024-45982 HIGH

scheduleR <0.0.18 - Host Header Injection

CVE-2024-44860 HIGH

Solvait 24.4.2 - Information Disclosure via /Letter/PrintQr/ Endpoint

CVE-2024-41605 HIGH

Foxit PDF Reader <2024.3 & PDF Editor <2024.3/13.1.4 - Code Injection

CVE-2024-47145 LOW

Mattermost <9.5.8 - Info Disclosure

CVE-2024-42406 MEDIUM

Mattermost <9.11.0-9.5.8 - Info Disclosure

CVE-2024-20465 MEDIUM

Cisco Industrial Ethernet - Auth Bypass

CVE-2024-46610 HIGH

IceCMS < 3.4.7 - Unauthenticated Arbitrary User Information Modification via UserController ChangeUser Endpoint

CVE-2024-46609 HIGH

IceCMS < 3.4.7 - Unauthenticated Information Disclosure via CheckVip Function

CVE-2024-46607 HIGH

IceCMS < 3.4.7 - Unauthenticated Authentication Bypass via LoginAdmin Method

CVE-2024-42797 CRITICAL

Kashipara Music Management System v1.0 - Info Disclosure

CVE-2024-45489 CRITICAL

Arc < 2024-08-26 - Remote Code Execution via Misconfigured Firebase ACLs

CVE-2024-9003 MEDIUM

JFlow 2.0.0 - Improper Access Control in Attachment Handler

CVE-2024-38016 HIGH

Microsoft Office Visio - Remote Code Execution

CVE-2024-46990 MEDIUM

Directus < 10.13.3 - Improper Access Control via Loopback Device Bypass

CVE-2024-45811 MEDIUM

Vite 5.4.0-5.4.5, 5.3.0-5.3.5, 5.0.0-5.2.13, 4.0.0-4.5.4, < 3.2.11 - Unauthenticated Arbitrary File Read via @fs Bypass

CVE-2024-40825 MEDIUM

macOS < 15 and visionOS < 2 - Unauthorized System File Modification

CVE-2024-42796 MEDIUM

Kashipara Music Management System <1.0 - Info Disclosure

CVE-2024-42795 MEDIUM

Kashipara Music Management System <1.0 - Info Disclosure

CVE-2024-42794 MEDIUM

Kashipara Music Management System v1.0 - Info Disclosure

CVE-2024-36261 LOW

Intel RAID Web Console - Authenticated Denial of Service via Adjacent Access

Previous Page 96 of 212 Next

Details

Vulnerabilities 5,300

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy