Vulnerabilities > Improper Access Control

DATE CVE VULNERABILITY TITLE RISK
2024-07-23 CVE-2024-38164 An improper access control vulnerability in GroupMe allows an a unauthenticated attacker to elevate privileges over a network by convincing a user to click on a malicious link.
network
low complexity
CWE-284
critical
 9.6
9.6
2024-06-27 CVE-2024-1153 Improper Access Control vulnerability in Talya Informatics Travel APPS allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Travel APPS: before v17.0.68.
low complexity
CWE-284
4.3
4.3
2024-06-13 CVE-2024-34112 ColdFusion versions 2023u7, 2021u13 and earlier are affected by an Improper Access Control vulnerability that could result in arbitrary file system read.
network
low complexity
CWE-284
7.5
7.5
2024-06-13 CVE-2024-34107 Improper Access Control vulnerability in Adobe Commerce and Magento
Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass.
network
low complexity
adobe CWE-284
critical
 9.8
9.8
2024-06-13 CVE-2024-26029 Improper Access Control vulnerability in Adobe Experience Manager
Adobe Experience Manager versions 6.5.20 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass.
network
low complexity
adobe CWE-284
critical
 9.8
9.8
2024-05-28 CVE-2024-22187 A write-what-where vulnerability exists in the Programming Software Connection Remote Memory Diagnostics functionality of AutomationDirect P3-550E 1.2.10.9.
network
low complexity
CWE-284
critical
 9.1
9.1
2024-05-28 CVE-2024-23315 A read-what-where vulnerability exists in the Programming Software Connection IMM 01A1 Memory Read functionality of AutomationDirect P3-550E 1.2.10.9.
network
low complexity
CWE-284
7.5
7.5
2024-05-15 CVE-2024-34099 Acrobat Reader versions 20.005.30574, 24.002.20736 and earlier are affected by an Improper Access Control vulnerability that could result in arbitrary code execution in the context of the current user.
local
low complexity
CWE-284
7.8
7.8
2024-05-01 CVE-2024-28978 Improper Access Control vulnerability in Dell Openmanage Enterprise 3.10/4.0
Dell OpenManage Enterprise, versions 3.10 and 4.0, contains an Improper Access Control vulnerability.
network
low complexity
dell CWE-284
6.5
6.5
2024-04-17 CVE-2023-43491 An information disclosure vulnerability exists in the web interface /cgi-bin/debug_dump.cgi functionality of Peplink Smart Reader v1.2.0 (in QEMU).
network
low complexity
CWE-284
5.3
5.3