CWE-284 (访问控制不恰当) — Vulnerability Class 2041

2041 vulnerabilities classified as CWE-284 (访问控制不恰当). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2024-40586	Fortinet FortiClient 访问控制错误漏洞 — FortiClientWindows	6.3	Medium	2025-02-11
CVE-2025-24532	Siemens SCALANCE Series 访问控制错误漏洞 — SCALANCE WAB762-1	4.3	Medium	2025-02-11
CVE-2022-26389	Improper Access Control Vulnerability in ELI Electrocardiograph Devices — ELI 380 Resting Electrocardiograph	7.7	High	2025-02-07
CVE-2025-24968	Business Logic And Unrestricted Project Deletion Lead To Take Over the System in reNgine — rengine	8.8	High	2025-02-04
CVE-2024-13514	B Slider- Gutenberg Slider Block for WP <= 1.1.23 - Authenticated (Contributor+) Private Post Disclosure via bsb-slider Shortcode — bSlider – Create Responsive Image, Post, Product, and Video Sliders	4.3	Medium	2025-02-04
CVE-2024-35177	Improper Access Control in wazuh-agent — wazuh	7.8	High	2025-02-03
CVE-2024-23920	ChargePoint Home Flex Improper Access Control — Home Flex	8.8	High	2025-01-31
CVE-2025-24885	pwn.college has a XSS on dojo pages — dojo	7.6	High	2025-01-30
CVE-2025-23367	Org.wildfly.core:wildfly-server: wildfly improper rbac permission	6.5	Medium	2025-01-30
CVE-2025-0745	Improper Access Control vulnerability in EmbedAI — EmbedAI	7.5	High	2025-01-30
CVE-2025-0744	Improper Access Control vulnerability in EmbedAI — EmbedAI	7.5	High	2025-01-30
CVE-2025-0743	Improper Access Control vulnerability in EmbedAI — EmbedAI	5.3	Medium	2025-01-30
CVE-2025-0742	Improper Access Control vulnerability in EmbedAI — EmbedAI	5.8	Medium	2025-01-30
CVE-2025-0741	Improper Access Control vulnerability in EmbedAI — EmbedAI	5.8	Medium	2025-01-30
CVE-2025-0740	Improper Access Control vulnerability in EmbedAI — EmbedAI	8.6	High	2025-01-30
CVE-2025-0739	Improper Access Control vulnerability in EmbedAI — EmbedAI	8.6	High	2025-01-30
CVE-2024-13457	Event Tickets <= 5.18.1 - Insecure Direct Object Reference to Sensitive Information Exposure — Event Tickets and Registration	5.3	Medium	2025-01-30
CVE-2025-0802	SourceCodester Best Employee Management System Administrative Endpoint View_user.php access control — Best Employee Management System	7.3	High	2025-01-29
CVE-2025-0783	pankajindevops scale API Endpoint access control — scale	6.3	Medium	2025-01-28
CVE-2025-24365	vaultwarden allows escalation of privilege via variable confusion in OrgHeaders trait — vaultwarden	8.1	High	2025-01-27
CVE-2025-0650	Ovn: egress acls may be bypassed via specially crafted udp packet	8.1	High	2025-01-23
CVE-2025-21185	Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability — Microsoft Edge (Chromium-based)	6.5	Medium	2025-01-17
CVE-2024-12370	WP Hotel Booking <= 2.1.5 - Missing Authorization — WP Hotel Booking	5.3	Medium	2025-01-17
CVE-2025-21340	Windows Virtualization-Based Security (VBS) Security Feature Bypass Vulnerability — Windows 10 Version 1809	5.5	Medium	2025-01-14
CVE-2025-21213	Secure Boot Security Feature Bypass Vulnerability — Windows 10 Version 1507	4.6	Medium	2025-01-14
CVE-2025-21202	Windows Recovery Environment Agent Elevation of Privilege Vulnerability — Windows 10 Version 1507	6.1	Medium	2025-01-14
CVE-2025-21405	Visual Studio Elevation of Privilege Vulnerability — Microsoft Visual Studio 2022 version 17.12	7.3	High	2025-01-14
CVE-2025-21301	Windows Geolocation Service Information Disclosure Vulnerability — Windows 10 Version 1507	6.5	Medium	2025-01-14
CVE-2025-21293	Active Directory Domain Services Elevation of Privilege Vulnerability — Windows 10 Version 1507	8.8	High	2025-01-14
CVE-2024-45326	Fortinet FortiDeceptor 访问控制错误漏洞 — FortiDeceptor	3.9	Medium	2025-01-14

Vulnerabilities classified as CWE-284 (访问控制不恰当) represent 2041 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-284 (访问控制不恰当) — Vulnerability Class 2041