Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-284 (访问控制不恰当) — Vulnerability Class 2041

2041 vulnerabilities classified as CWE-284 (访问控制不恰当). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2024-29054 Microsoft Defender for IoT Elevation of Privilege Vulnerability — Microsoft Defender for IoT 7.2 High2024-04-09
CVE-2024-29055 Microsoft Defender for IoT Elevation of Privilege Vulnerability — Microsoft Defender for IoT 7.2 High2024-04-09
CVE-2024-28917 Azure Arc-enabled Kubernetes Extension Cluster-Scope Elevation of Privilege Vulnerability — Azure Arc Extension 6.2 Medium2024-04-09
CVE-2024-26234 Proxy Driver Spoofing Vulnerability — Windows 10 Version 1809 6.7 Medium2024-04-09
CVE-2024-29990 Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability — Azure Kubernetes Service 9.0 Critical2024-04-09
CVE-2024-28922 Secure Boot Security Feature Bypass Vulnerability — Windows 10 Version 1809 4.1 Medium2024-04-09
CVE-2024-21424 Azure Compute Gallery Elevation of Privilege Vulnerability — Azure Compute Gallery 6.5 Medium2024-04-09
CVE-2024-2447 Mattermost 安全漏洞 — Mattermost 6.5 Medium2024-04-05
CVE-2024-29221 Invite ID available to team admins even without the "Add Members" permission — Mattermost 4.7 Medium2024-04-05
CVE-2024-21848 Users maintain access to active call after being removed from a channel — Mattermost 3.1 Low2024-04-05
CVE-2024-30261 Undici's fetch with integrity option is too lax when algorithm is specified but hash value is in incorrect — undici 2.6 Low2024-04-04
CVE-2024-1418 CGC Maintenance Mode <= 1.2 - Sensitive Information Exposure — CGC Maintenance Mode 5.3 Medium2024-04-04
CVE-2024-3270 ThingsBoard AdvancedFeature access control — ThingsBoard 3.8 Low2024-04-03
CVE-2024-20283 Cisco Nexus Dashboard 安全漏洞 — Cisco Nexus Dashboard 4.3 Medium2024-04-03
CVE-2024-20302 Cisco Nexus Dashboard 安全漏洞 — Cisco Nexus Dashboard Orchestrator 5.4 Medium2024-04-03
CVE-2024-3164 dotCMS 安全漏洞 — dotCMS core 4.5 Medium2024-04-01
CVE-2024-28016 NEC Corporation Aterm 安全漏洞 — WG1800HP4 8.1AIHighAI2024-03-28
CVE-2024-25962 Dell InsightIQ 访问控制错误漏洞 — InsightIQ 8.3 High2024-03-27
CVE-2024-1473 Coming Soon & Maintenance Mode by Colorlib <= 1.0.99 - Information Exposure — Coming Soon & Maintenance Mode by Colorlib 5.3 Medium2024-03-20
CVE-2024-1144 Improper Access Control at Alma Devklan Blog — Alma Blog 6.5 Medium2024-03-19
CVE-2024-20767 ColdFusion | Improper Access Control (CWE-284) — ColdFusion 7.4 High2024-03-18
CVE-2024-2481 Surya2Developer Hostel Management System manage-students.php access control — Hostel Management System 6.5 Medium2024-03-15
CVE-2024-20319 Cisco IOS XR 安全漏洞 — Cisco IOS XR Software 4.3 Medium2024-03-13
CVE-2024-20315 Cisco IOS XR 安全漏洞 — Cisco IOS XR Software 5.8 Medium2024-03-13
CVE-2024-20322 Cisco IOS XR 安全漏洞 — Cisco IOS XR Software 5.8 Medium2024-03-13
CVE-2024-1668 Avada <= 7.11.5 - Authenticated(Contributor+) Sensitive Information Exposure via Form Entries — Avada | Website Builder For WordPress & WooCommerce 6.5 Medium2024-03-13
CVE-2024-0687 Restrict User Access – Ultimate Membership & Content Protection <= 2.5 - Information Exposure — Restrict User Access – Ultimate Membership & Content Protection 5.3 Medium2024-03-13
CVE-2024-0377 LifterLMS – WordPress LMS Plugin for eLearning <= 7.5.1 - Missing Authorization via process_review — LifterLMS – WP LMS for eLearning, Online Courses, & Quizzes 5.3 Medium2024-03-13
CVE-2024-0369 Bulk Edit Post Titles <= 5.0.0 - Missing Authorization via bulkUpdatePostTitles — Bulk Edit Post Titles 4.3 Medium2024-03-13
CVE-2024-0631 Duitku Payment Gateway <= 2.11.6 - Missing Authorization via check_duitku_response — Duitku Payment Gateway 5.3 Medium2024-03-13

Vulnerabilities classified as CWE-284 (访问控制不恰当) represent 2041 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.