Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-284 (访问控制不恰当) — Vulnerability Class 2041

2041 vulnerabilities classified as CWE-284 (访问控制不恰当). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2021-3992 Improper Access Control in kevinpapst/kimai2 — kevinpapst/kimai2 6.5 -2021-12-01
CVE-2021-4026 Improper Access Control in bookstackapp/bookstack — bookstackapp/bookstack 7.1 -2021-11-30
CVE-2021-42116 Unauthorized Menu Item Access in TopEase — TopEase 4.3 Medium2021-11-30
CVE-2021-36917 WordPress Hide My WP premium plugin <= 6.2.3 - Unauthenticated Plugin Deactivation vulnerability — Hide My WP (WordPress plugin) 6.5 Medium2021-11-24
CVE-2021-3554 Improper Access Control vulnerability in the patchesUpdate API — Endpoint Security Tools for Linux 9.0 Critical2021-11-24
CVE-2021-40130 Cisco Common Services Platform Collector Improper Logging Restriction Vulnerability — Cisco Common Services Platform Collector Software 4.9 Medium2021-11-18
CVE-2021-36909 WordPress WP Reset PRO Premium plugin <= 5.98 - Authenticated Database Reset vulnerability — WP Reset PRO 8.8 High2021-11-18
CVE-2021-35528 Authentication Bypass Vulnerability Vulnerability in Retail Operations Product and Counterparty Settlement and Billing (CSB) — Retail Operations 7.2 High2021-11-17
CVE-2021-42360 Starter Templates — Elementor, Gutenberg & Beaver Builder Templates <= 2.7.0 Authenticated Block Import to Stored XSS — Starter Templates — Elementor, Gutenberg & Beaver Builder Templates 7.6 High2021-11-17
CVE-2021-24853 QR Redirector < 1.6 - Subscriber+ Arbitrary QR Redirect Response Status Update — QR Redirector 3.5 -2021-11-17
CVE-2021-26338 AMD System Management Unit 安全漏洞 — 2nd Gen AMD EPYC™ 7.5 -2021-11-16
CVE-2021-3062 PAN-OS: Improper Access Control Vulnerability Exposing AWS Instance Metadata Endpoint to GlobalProtect Users — PAN-OS 8.1 High2021-11-10
CVE-2020-12488 Broken Access Control Vulnerability in Jovi Smart Scene — Jovi Smart Scene 5.5 Medium2021-11-10
CVE-2021-24816 Phoenix Media Rename < 3.4.4 - Author Arbitrary Media File Renaming — Phoenix Media Rename 4.3 -2021-11-08
CVE-2021-24801 WP Survey Plus <= 1.0 - Subscriber+ AJAX Calls — WP Survey Plus 4.6 -2021-11-08
CVE-2021-24698 Simple Download Monitor < 3.9.6 - Arbitrary Thumbnails Removal — Simple Download Monitor 4.3 -2021-11-08
CVE-2021-42359 WP DSGVO Tools (GDPR) <= 3.1.23 Unauthenticated Arbitrary Post Deletion — WP DSGVO Tools (GDPR) 7.5 High2021-11-05
CVE-2021-25501 Samsung SMR 安全漏洞 — Samsung Mobile Devices 5.7 Medium2021-11-05
CVE-2021-40113 Cisco Catalyst PON Series Switches Optical Network Terminal Vulnerabilities — Cisco Catalyst PON Series 10.0 Critical2021-11-04
CVE-2021-40112 Cisco Catalyst PON Series Switches Optical Network Terminal Vulnerabilities — Cisco Catalyst PON Series 10.0 Critical2021-11-04
CVE-2021-34795 Cisco Catalyst PON Series Switches Optical Network Terminal Vulnerabilities — Cisco Catalyst PON Series 10.0 Critical2021-11-04
CVE-2021-39333 Hashthemes Demo Importer <= 1.1.1 Improper Access Control Allowing Content Deletion — Hashthemes Demo Importer 8.1 High2021-11-01
CVE-2021-24781 Image Source Control < 2.3.1 - Contributor+ Arbitrary Post Meta Value Change — Image Source Control 6.5 -2021-11-01
CVE-2021-41194 Improper Access Control in jupyterhub-firstuseauthenticator — firstuseauthenticator 9.1 Critical2021-10-28
CVE-2021-34794 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SNMP Access Control Vulnerability — Cisco Adaptive Security Appliance (ASA) Software 5.3 Medium2021-10-27
CVE-2021-34754 Cisco Firepower Threat Defense Software Ethernet Industrial Protocol Policy Bypass Vulnerabilities — Cisco Firepower Threat Defense Software 5.8 Medium2021-10-27
CVE-2021-34864 Corel Parallels Desktop 安全漏洞 — Desktop 8.8 -2021-10-25
CVE-2021-38457 AUVESY Versiondog — Versiondog 9.8 Critical2021-10-22
CVE-2021-24752 Multiple Plugins from CatchThemes - Unauthorised Plugin's Setting Change — Essential Widgets 5.7 -2021-10-18
CVE-2021-38454 Moxa MXview Network Management Software — MXview Network Management Software 10.0 Critical2021-10-12

Vulnerabilities classified as CWE-284 (访问控制不恰当) represent 2041 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.