Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-284 (访问控制不恰当) — Vulnerability Class 2041

2041 vulnerabilities classified as CWE-284 (访问控制不恰当). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-2686 mingyuefusu 明月复苏 tushuguanlixitong 图书管理系统 Backend admin doFilter access control — tushuguanlixitong 图书管理系统 6.5 Medium2025-03-24
CVE-2025-2557 Audi UTR Dashcam Command API access control — UTR Dashcam 5.5 Medium2025-03-20
CVE-2025-2553 D-Link DIR-618/DIR-605L formVirtualServ access control — DIR-618 4.3 Medium2025-03-20
CVE-2025-2552 D-Link DIR-618/DIR-605L formTcpipSetup access control — DIR-618 4.3 Medium2025-03-20
CVE-2025-2551 D-Link DIR-618/DIR-605L formSetPortTr access control — DIR-618 4.3 Medium2025-03-20
CVE-2025-2550 D-Link DIR-618/DIR-605L DDNS Service formSetDDNS access control — DIR-618 4.3 Medium2025-03-20
CVE-2025-2549 D-Link DIR-618/DIR-605L formSetPassword access control — DIR-618 4.3 Medium2025-03-20
CVE-2025-2548 D-Link DIR-618/DIR-605L formSetDomainFilter access control — DIR-618 4.3 Medium2025-03-20
CVE-2025-2547 D-Link DIR-618/DIR-605L formAdvNetwork access control — DIR-618 4.3 Medium2025-03-20
CVE-2025-2546 D-Link DIR-618/DIR-605L Firewall Service formAdvFirewall access control — DIR-618 4.3 Medium2025-03-20
CVE-2024-11045 Cross-Site WebSocket Hijacking (CSWSH) in automatic1111/stable-diffusion-webui — automatic1111/stable-diffusion-webui 8.8 -2025-03-20
CVE-2023-47539 Fortinet FortiMail 安全漏洞 — FortiMail 9.0 Critical2025-03-18
CVE-2021-22126 4Gon Meru Networks Access Points 信任管理问题漏洞 — FortiWLC 6.5 Medium2025-03-17
CVE-2021-32584 FortiWLC 访问控制错误漏洞 — FortiWLC 4.8 Medium2025-03-17
CVE-2025-2334 274056675 springboot-openai-chatgpt Chat History chat deleteChat access control — springboot-openai-chatgpt 5.4 Medium2025-03-15
CVE-2025-25225 Extension - hikashop.com - Privilege escalation vulnerability Hikashop component version 1.0.0 - 5.1.3 for Joomla — Hikashop component for Joomla 7.2 -2025-03-15
CVE-2025-2280 Devolutions Server 安全漏洞 — Server 5.4 -2025-03-13
CVE-2025-2278 Devolutions Server 安全漏洞 — Server 6.5 -2025-03-13
CVE-2025-20144 Cisco IOS XR Software Access Control List Bypass Vulnerability — Cisco IOS XR Software 4.0 Medium2025-03-12
CVE-2024-13430 Page Builder: Pagelayer – Drag and Drop website builder <= 1.9.8 - Authenticated (Contributor+) Private Post Disclosure in pagelayer_builder_posts_shortcode — Page Builder: Pagelayer – Drag and Drop website builder 4.3 Medium2025-03-12
CVE-2025-2218 LoveCards LoveCardsV2 Setting other access control — LoveCardsV2 5.3 Medium2025-03-12
CVE-2025-23243 NVIDIA Riva 访问控制错误漏洞 — Riva 6.5 Medium2025-03-11
CVE-2025-23242 NVIDIA Riva 访问控制错误漏洞 — Riva 7.3 High2025-03-11
CVE-2025-24994 Microsoft Windows Cross Device Service Elevation of Privilege Vulnerability — Windows 11 version 22H2 7.3 High2025-03-11
CVE-2025-24076 Microsoft Windows Cross Device Service Elevation of Privilege Vulnerability — Windows 11 version 22H2 7.3 High2025-03-11
CVE-2024-9157 Privilege Escalation Vulnerability in CxUIUSvc service — Synaptics Audio Driver 7.8 High2025-03-11
CVE-2025-2121 Thinkware Car Dashcam F800 Pro File Storage access control — Car Dashcam F800 Pro 6.3 Medium2025-03-09
CVE-2025-2090 PHPGurukul Pre-School Enrollment System Sub Admin add-subadmin.php access control — Pre-School Enrollment System 4.7 Medium2025-03-07
CVE-2025-2089 StarSea99 starsea-mall com.siro.mall.controller.mall.UserController updateInfo updateUserInfo access control — starsea-mall 5.4 Medium2025-03-07
CVE-2024-13635 VK Blocks <= 1.94.2.2 - Missing Authorization to Sensitive Information Exposure — VK Blocks 4.3 Medium2025-03-07

Vulnerabilities classified as CWE-284 (访问控制不恰当) represent 2041 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.