CWE-284 (Improper Access Control) — Vulnerability Class 2041

2041 vulnerabilities classified as CWE-284 (Improper Access Control). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2021-40404 | Reolink Rlc-410W authorization issue vulnerability — n/a | 9.8 | - | 2022-01-28 |
| CVE-2022-0203 | Improper Access Control in crater-invoice/crater — crater-invoice/crater | 4.3 | - | 2022-01-26 |
| CVE-2022-0270 | Improper header sanitization in bored-agent causes escalation of privilege — bored-agent | 8.8 | High | 2022-01-25 |
| CVE-2021-23233 | Fresenius Kabi Agilia Connect Infusion System — Agilia Link+ | 7.3 | High | 2022-01-21 |
| CVE-2021-4016 | Rapid7 Insight Agent Improper Access Control — Insight Agent | 4.0 | Medium | 2022-01-21 |
| CVE-2021-34402 | Nvidia NVIDIA Shield TV buffer error vulnerability — SHIELD TV | 6.7 | Medium | 2022-01-18 |
| CVE-2021-34401 | Nvidia NVIDIA Shield TV access control error vulnerability — SHIELD TV | 7.8 | High | 2022-01-18 |
| CVE-2021-37864 | Users can view the contents of an archived channel when access is explicitly denied by the system admin — Mattermost | 2.6 | Low | 2022-01-18 |
| CVE-2021-28507 | An issue has recently been discovered in Arista EOS where, under certain conditions, the service ACL configured for OpenConfig gNOI and OpenConfig RESTCONF might be bypassed, which results in the denied requests being forwarded to the agent. — EOS | 5.5 | Medium | 2022-01-14 |
| CVE-2022-23134 | Possible view of the setup pages by unauthenticated users if config file already exists — Frontend | 3.7 | Low | 2022-01-13 |
| CVE-2022-23132 | Incorrect permissions of [/var/run/zabbix] forces dac_override — Proxy, Server | 3.3 | Low | 2022-01-13 |
| CVE-2022-0170 | Improper Access Control in chocobozzz/peertube — chocobozzz/peertube | 4.3 | - | 2022-01-11 |
| CVE-2021-45034 | Siemens SICAM A8000 CP-8000 log information disclosure vulnerability — CP-8000 MASTER MODULE WITH I/O -25/+70°C | 6.5 | - | 2022-01-11 |
| CVE-2021-23173 | ICSMA-22-006-01 Philips Engage Software — Engage Software | 2.6 | Low | 2022-01-07 |
| CVE-2022-0133 | Improper Access Control in chocobozzz/peertube — chocobozzz/peertube | 4.3 | - | 2022-01-07 |
| CVE-2021-4194 | Improper Access Control in bookstackapp/bookstack — bookstackapp/bookstack | 7.1 | - | 2022-01-06 |
| CVE-2021-22567 | Bidirectional Override in Dart SDK — Dart SDK | 4.6 | Medium | 2022-01-05 |
| CVE-2021-25991 | ifme - Improper Access Control leads to admin deactivation — ifme | 5.7 | Medium | 2021-12-29 |
| CVE-2021-20050 | SonicWALL SMA100 security vulnerability — SonicWall SMA100 | 7.5 | - | 2021-12-23 |
| CVE-2021-42808 | The Sentinel Protection Installer 7.7.0 creates files and directory with all privileges granting any user full permissions. — Sentinel Protection Installer | 6.5 | Medium | 2021-12-20 |
| CVE-2021-36888 | WordPress Image Hover Effects Ultimate plugin <= 9.6.1 - Unauthenticated Arbitrary Options Update leading to full website compromise — Image Hover Effects Ultimate (WordPress plugin) | 9.8 | Critical | 2021-12-15 |
| CVE-2021-4119 | Improper Access Control in bookstackapp/bookstack — bookstackapp/bookstack | 7.1 | - | 2021-12-15 |
| CVE-2021-24859 | User Meta Shortcodes <= 0.5 - Contributor+ Unauthorized Arbitrary User Metadata Access — User meta shortcodes | 4.3 | - | 2021-12-13 |
| CVE-2021-24845 | Improved Include Page <= 1.2 - Contributor+ Arbitrary Posts/Pages Access — Improved Include Page | 6.5 | - | 2021-12-13 |
| CVE-2021-4089 | Improper Access Control in snipe/snipe-it — snipe/snipe-it | 5.4 | - | 2021-12-10 |
| CVE-2021-22565 | Insufficient Granularity of Access Control in GAEN Notification Server — Google Exposure-notifications-verification-server | 6.5 | Medium | 2021-12-09 |
| CVE-2021-42124 | Ivanti Avalanche security vulnerability — Ivanti Avalanche | 8.8 | - | 2021-12-07 |
| CVE-2021-35245 | Broken Access Control Vulnerability for SolarWinds Serv-U — Serv-U FTP | 8.4 | High | 2021-12-06 |
| CVE-2021-26334 | AMD Chipset Driver Information Disclosure Vulnerability — μProf Tool | 9.9 | - | 2021-12-01 |
| CVE-2020-10627 | Insulet Omnipod Insulin Management System security vulnerability — Omnipod Insulin Management System | 7.3 | High | 2021-12-01 |

Vulnerabilities classified as CWE-284 (Improper Access Control) represent 2041 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.