Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-284 (访问控制不恰当) — Vulnerability Class 2041

2041 vulnerabilities classified as CWE-284 (访问控制不恰当). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2023-20237 Cisco Intersight 命令注入漏洞 — Cisco Intersight Virtual Appliance 4.3 Medium2023-08-16
CVE-2023-35179 2FA/MFA Bypass Vulnerability in Serv-U 15.4 — Serv-U 7.2 High2023-08-10
CVE-2023-39963 Missing password confirmation when creating app passwords — security-advisories 8.1 High2023-08-10
CVE-2023-39962 Users can delete external storage mount points — security-advisories 7.7 High2023-08-10
CVE-2023-39961 Text does not respect "Allow download" permissions — security-advisories 3.5 Low2023-08-10
CVE-2023-39959 Existence of calendars and address books can be checked by unauthenticated users — security-advisories 3.5 Low2023-08-10
CVE-2023-39952 Advanced permissions not respected when copying entire group folders — security-advisories 6.5 Medium2023-08-10
CVE-2023-36890 Microsoft SharePoint Server Information Disclosure Vulnerability — Microsoft SharePoint Server 2019 6.5 Medium2023-08-08
CVE-2023-38167 Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability — Microsoft Dynamics 365 Business Central 2023 Release Wave 1 7.2 High2023-08-08
CVE-2023-36889 Windows Group Policy Security Feature Bypass Vulnerability — Windows 10 Version 1809 5.5 Medium2023-08-08
CVE-2023-39349 Sentry vulnerable to privilege escalation via ApiTokensEndpoint — sentry 8.1 High2023-08-07
CVE-2023-4183 SourceCodester Inventory Management System Password edit_update.php access control — Inventory Management System 4.3 Medium2023-08-06
CVE-2023-4169 Ruijie RG-EW1200G Administrator Password set_passwd access control — RG-EW1200G 6.3 Medium2023-08-05
CVE-2022-34453 Dell EMC XtremIO XMS 安全漏洞 — XtremIO X2 7.6 High2023-08-03
CVE-2023-37478 pnpm incorrectly parses tar archives relative to specification — pnpm 7.5 High2023-08-01
CVE-2022-43702 Incomplete verification of installation file signature — Arm Compiler 5 (AC5), Arm Compiler for Embedded 6 (AC6), Fast Models (FM), Arm Compiler for Embedded FuSA (ACEF), Arm Development Studio (ADS), Arm Forge (AF), Arm Mobile Studio (AMS), DS-5 Development Studio, Fast Models (FM), GNU Toolchain (GT), Keil MDK (KMDK), Mbed Studio (MS) 7.8 -2023-07-27
CVE-2023-3786 Aures Komet Kiosk Mode access control — Komet 4.3 Medium2023-07-20
CVE-2023-37267 Umbraco allows possible Admin-level access to backoffice without Auth under rare conditions — Umbraco-CMS 7.5 High2023-07-13
CVE-2023-29298 Adobe ColdFusion Improper Access Control Security feature bypass — ColdFusion 7.5 High2023-07-12
CVE-2023-33155 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability — Windows 10 Version 1809 7.8 High2023-07-11
CVE-2023-29130 Siemens SIMATIC CN 4100 安全漏洞 — SIMATIC CN 4100 9.9 Critical2023-07-11
CVE-2023-24489 Citrix Systems Content Collaboration 安全漏洞 — Citrix ShareFile Storage Zones Controller 9.8 Critical2023-07-10
CVE-2023-24490 Users with only access to launch VDA applications can launch an unauthorized desktop — Virtual Delivery Agents for Windows for CVAD and Citrix DaaS Security 6.3 Medium2023-07-10
CVE-2023-24486 Local user access to a system where another user is utilizing a vulnerable version of Citrix Workspace App for Linux to launch published desktops and applications — Citrix Workspace app for Linux 7.8 -2023-07-10
CVE-2023-3273 SICK ICR890-4 安全漏洞 — ICR890-4 7.5 High2023-07-10
CVE-2023-3271 SICK ICR890-4 安全漏洞 — ICR890-4 8.2 High2023-07-10
CVE-2023-35940 GLPI vulnerable to unauthenticated access to Dashboard data — glpi 7.5 High2023-07-05
CVE-2023-35939 GLPI vulnerable to unauthorized access to Dashboard data — glpi 8.1 High2023-07-05
CVE-2023-34107 GLPI vulnerable to unauthorized access to KnowbaseItem data — glpi 6.5 Medium2023-07-05
CVE-2023-34106 GLPI vulnerable to unauthorized access to User data — glpi 6.5 Medium2023-07-05

Vulnerabilities classified as CWE-284 (访问控制不恰当) represent 2041 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.