
CWE-284 (Improper Access Control) — Vulnerability Class 2041

2041 vulnerabilities classified as CWE-284 (Improper Access Control). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-43456 | Windows Remote Desktop Services Tampering Vulnerability — Windows Server 2019 | 4.8 | Medium | 2024-10-08 |
| CVE-2024-43503 | Microsoft SharePoint Elevation of Privilege Vulnerability — Microsoft SharePoint Enterprise Server 2016 | 7.8 | High | 2024-10-08 |
| CVE-2024-9576 | Improper access control in Linux Workbooth Distro — Linux Workbooth | 7.0 | High | 2024-10-07 |
| CVE-2024-45408 | eLabFTW contains a direct and indirect information disclosure — elabftw | 7.5 | High | 2024-10-01 |
| CVE-2024-9321 | SourceCodester Online Railway Reservation System view_details.php access control — Online Railway Reservation System | 5.3 | Medium | 2024-09-29 |
| CVE-2024-9298 | SourceCodester Online Railway Reservation System Ticket ?page=tickets access control — Online Railway Reservation System | 4.3 | Medium | 2024-09-28 |
| CVE-2024-42406 | Unauthorized access on archived channels — Mattermost | 5.4 | Medium | 2024-09-26 |
| CVE-2024-47145 | Unauthorized access on archived channels via file links — Mattermost | 3.1 | Low | 2024-09-26 |
| CVE-2024-20465 | Cisco IOS security vulnerability — IOS | 5.8 | Medium | 2024-09-25 |
| CVE-2024-9003 | Jinan Chicheng Company JFlow Attachment EntityMutliFile_Load.do AttachmentUploadController access control — JFlow | 4.3 | Medium | 2024-09-19 |
| CVE-2024-38016 | Microsoft Office Visio Remote Code Execution Vulnerability — Microsoft Office LTSC 2021 | 7.8 | High | 2024-09-19 |
| CVE-2024-46990 | SSRF Loopback IP filter bypass in directus — directus | 5.0 | Medium | 2024-09-18 |
| CVE-2024-39772 | Silent Desktop Screenshot Capture — Mattermost | 3.7 | Low | 2024-09-16 |
| CVE-2024-8779 | The SYSCOM Group OMFLOW - Broken Access Control — OMFLOW | 8.8 | High | 2024-09-16 |
| CVE-2024-8269 | MStore API – Create Native Android & iOS Apps On The Cloud <= 4.15.3 - Unauthorized User Registration — MStore API – Create Native Android & iOS Apps On The Cloud | 7.3 | High | 2024-09-13 |
| CVE-2024-20343 | Cisco IOS XR Software CLI Arbitrary File Read Vulnerability — Cisco IOS XR Software | 5.5 | Medium | 2024-09-11 |
| CVE-2024-43479 | Microsoft Power Automate Desktop Remote Code Execution Vulnerability — Power Automate for Desktop | 8.5 | High | 2024-09-10 |
| CVE-2024-37341 | Microsoft SQL Server Elevation of Privilege Vulnerability — Microsoft SQL Server 2017 (GDR) | 8.8 | High | 2024-09-10 |
| CVE-2024-43492 | Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability — Microsoft AutoUpdate for Mac | 7.8 | High | 2024-09-10 |
| CVE-2024-38220 | Azure Stack Hub Elevation of Privilege Vulnerability — Azure Stack Hub | 9.0 | Critical | 2024-09-10 |
| CVE-2024-45323 | Fortinet FortiEDR access control error vulnerability — FortiEDR Manager | 4.6 | Medium | 2024-09-10 |
| CVE-2024-37993 | Siemens SIMATIC access control error vulnerability — SIMATIC Reader RF610R CMIIT | 5.3 | Medium | 2024-09-10 |
| CVE-2024-39580 | Dell InsightIQ access control error vulnerability — PowerScale InsightIQ | 6.7 | Medium | 2024-09-10 |
| CVE-2024-6796 | Vulnerability in Baxter Connex Health Portal — Connex Health Portal | 8.2 | High | 2024-09-09 |
| CVE-2024-45392 | SuiteCRM has wrong deletion permission checks on API delete call — SuiteCRM | 7.7 | High | 2024-09-05 |
| CVE-2024-45313 | Insecure default setting for Server Pro installed via Overleaf toolkit — overleaf | 5.4 | Medium | 2024-09-02 |
| CVE-2024-20279 | Cisco Application Policy Infrastructure Controller Unauthorized Policy Actions Vulnerability — Cisco Application Policy Infrastructure Controller (APIC) | 4.3 | Medium | 2024-08-28 |
| CVE-2024-8216 | nafisulbari/itsourcecode Insurance Management System Payment editPayment.php access control — Insurance Management System | 5.4 | Medium | 2024-08-27 |
| CVE-2024-40766 | SonicWALL SonicOS access control error vulnerability — SonicOS | 7.5 (AI) | High (AI) | 2024-08-23 |
| CVE-2024-43477 | Microsoft Entra ID Elevation of Privilege Vulnerability — Microsoft Entra | 7.5 | High | 2024-08-23 |

Vulnerabilities classified as CWE-284 (Improper Access Control) represent 2041 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.