Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-284

CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

5,300 vulnerabilities with CWE-284

CVE-2024-45233 CRITICAL

Powermail extension <12.3.5 - Broken Access Control

CVE-2024-44915 MEDIUM

IrfanView 4.67.1.0 - Denial of Service via Crafted EXR File

CVE-2024-44914 MEDIUM

IrfanView 4.67.1.0 - Denial of Service via Crafted EXR File

CVE-2024-44913 MEDIUM

Irfanview <4.67.1.0 - Memory Corruption

CVE-2024-20279 MEDIUM

Cisco Application Policy Infrastructure Controller - Authenticated Improper Access Control in Restricted Security Domain

CVE-2024-8216 MEDIUM

nafisulbari life_insurance_management_system 1.0 - Improper Access Control in Payment Handler

CVE-2024-5814 MEDIUM

wolfssl < 5.7.0 - TLS Ciphersuite Downgrade via Incomplete Server Hello Parsing

CVE-2024-36068 CRITICAL

Rubrik CDM <9.1.2-p1-8.1.3-p12 - RCE

CVE-2024-8164 MEDIUM

beikeshop < 1.5.5 - Unrestricted File Upload via FileManagerController rename Function

CVE-2024-43031 MEDIUM

autman 2.9.6 - Improper Access Control

CVE-2024-42766 MEDIUM

Kashipara Bus Ticket Reservation System v1.0 - Info Disclosure

CVE-2024-40766 CRITICAL KEV

SonicWall - Improper Access Control

CVE-2024-43477 HIGH

Microsoft Entra ID - Unauthenticated Improper Access Control in Decentralized Identity Services

CVE-2024-42776 HIGH

Kashipara Hotel Management System v1.0 - Info Disclosure

CVE-2024-42775 CRITICAL

Kashipara Hotel Management System <1.0 - Info Disclosure

CVE-2024-42772 HIGH

Kashipara Hotel Management System <1.0 - Info Disclosure

CVE-2024-43780 MEDIUM

Mattermost 9.5.0-9.5.7 9.8.0-9.8.2 9.9.0-9.9.1 9.10.0 - Unauthenticated File Upload via Guest User Channel Access

CVE-2024-42497 MEDIUM

Mattermost <9.9.1-9.10.0 - Privilege Escalation

CVE-2024-40884 LOW

Mattermost <9.5.8, <9.10.1 - Privilege Escalation

CVE-2024-3127 MEDIUM

GitLab EE <17.1.6-17.2.4-17.3.1 - Auth Bypass

CVE-2024-36441 MEDIUM

Swissphone DiCal-RED 4009 - Info Disclosure

CVE-2024-36443 HIGH

Swissphone DiCal-RED 4009 - Info Disclosure

CVE-2024-8071 MEDIUM

Mattermost <9.9.1-9.10.0 - Privilege Escalation

CVE-2024-43813 MEDIUM

Mattermost 9.5.0-9.5.7 and 9.10.0 - Authenticated Improper Access Control

CVE-2024-32939 MEDIUM

Mattermost 9.5.0-9.5.7 9.8.0-9.8.2 9.9.0-9.9.1 9.10.0 - Improper Access Control in Shared Channels

Previous Page 98 of 212 Next

Details

Vulnerabilities 5,300

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy