Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-284 (访问控制不恰当) — Vulnerability Class 2041

2041 vulnerabilities classified as CWE-284 (访问控制不恰当). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-21380 Azure Marketplace SaaS Resources Information Disclosure Vulnerability — Marketplace SaaS 8.8 High2025-01-09
CVE-2024-13240 Open Social - Moderately critical - Access bypass - SA-CONTRIB-2024-004 — Open Social 5.3 -2025-01-09
CVE-2024-13211 SingMR HouseRent AdminController.java access control — HouseRent 6.3 Medium2025-01-09
CVE-2024-13200 wander-chu SpringBoot-Blog HTTP POST Request BaseInterceptor.java preHandle access control — SpringBoot-Blog 7.3 High2025-01-09
CVE-2024-40749 [20250103] - Core - Read ACL violation in multiple core views — Joomla! CMS 6.5 -2025-01-07
CVE-2025-0206 code-projects Online Shoe Store index.php access control — Online Shoe Store 5.3 Medium2025-01-04
CVE-2024-13108 D-Link DIR-816 A2 form2NetSniper.cgi access control — DIR-816 A2 5.3 Medium2025-01-02
CVE-2024-13107 D-Link DIR-816 A2 ACL form2LocalAclEditcfg.cgi access control — DIR-816 A2 5.3 Medium2025-01-02
CVE-2024-13106 D-Link DIR-816 A2 IP QoS form2IPQoSTcAdd access control — DIR-816 A2 5.3 Medium2025-01-02
CVE-2024-13105 D-Link DIR-816 A2 DHCPD Setting form2Dhcpd.cgi access control — DIR-816 A2 5.3 Medium2025-01-02
CVE-2024-13104 D-Link DIR-816 A2 WiFi Settings form2AdvanceSetup.cgi access control — DIR-816 A2 5.3 Medium2025-01-02
CVE-2024-13103 D-Link DIR-816 A2 Virtual Service form2AddVrtsrv.cgi access control — DIR-816 A2 5.3 Medium2025-01-02
CVE-2024-13102 D-Link DIR-816 A2 DDNS Service access control — DIR-816 A2 5.3 Medium2025-01-02
CVE-2024-25133 Openshift-dedicated: hive: rce through aws/kubernetes client configuration leads to privilege escalation 8.8 High2024-12-31
CVE-2024-13067 CodeAstro Online Food Ordering System All Users Page all_users.php access control — Online Food Ordering System 5.3 Medium2024-12-31
CVE-2024-13030 D-Link DIR-823G Web Management Interface HNAP1 SetVirtualServerSettings access control — DIR-823G 7.3 High2024-12-30
CVE-2024-56330 Session VNC may be accessed by other sessions on the same host in stardust — stardust 6.5 -2024-12-20
CVE-2024-9503 Maintenance & Coming Soon Redirect Animation <= 2.1.3 - Missing Authorization to Settings Update — Maintenance & Coming Soon Redirect Animation 4.3 Medium2024-12-20
CVE-2024-11358 Insecure Android File Provider Paths — Mattermost 5.7 Medium2024-12-16
CVE-2024-24902 Dell RecoverPoint for Virtual Machines 访问控制错误漏洞 — RecoverPoint for Virtual Machines 6.6 Medium2024-12-13
CVE-2024-54096 Huawei EMUI和Huawei HarmonyOS 安全漏洞 — HarmonyOS 5.3 Medium2024-12-12
CVE-2024-10124 Vayu Blocks – Gutenberg Blocks for WordPress & WooCommerce <= 1.1.1 - Missing Authorization to Unauthenticated Arbitrary Plugin Installation/Activation — Vayu Blocks – Website Builder for the Block Editor 9.8 Critical2024-12-12
CVE-2024-48912 GLPI vulnerable to authenticated insecure account deletion — glpi 6.5 -2024-12-11
CVE-2024-47760 GLPI vulnerable to account takeover via API — glpi 8.8 -2024-12-11
CVE-2024-47758 GLPI vulnerable to account takeover without privilege escalation through the API — glpi 8.8 -2024-12-11
CVE-2024-12294 Last Viewed Posts by WPBeginner <= 1.0.1 - Unauthenticated Sensitive Information Exposure — Last Viewed Posts by WPBeginner 5.3 Medium2024-12-11
CVE-2024-43717 Adobe Experience Manager | Improper Access Control (CWE-284) — Adobe Experience Manager 4.3 Medium2024-12-10
CVE-2024-43716 Adobe Experience Manager | Improper Access Control (CWE-284) — Adobe Experience Manager 4.3 Medium2024-12-10
CVE-2024-54038 Adobe Connect | Improper Access Control (CWE-284) — Adobe Connect 4.3 Medium2024-12-10
CVE-2024-49105 Remote Desktop Client Remote Code Execution Vulnerability — Windows 10 Version 1809 8.4 High2024-12-10

Vulnerabilities classified as CWE-284 (访问控制不恰当) represent 2041 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.