Vulnerabilities > Improper Access Control

DATE	CVE	VULNERABILITY TITLE	RISK
2025-05-07	CVE-2025-20223	A vulnerability in Cisco Catalyst Center, formerly Cisco DNA Center, could allow an authenticated, remote attacker to read and modify data in a repository that belongs to an internal service of an affected device. This vulnerability is due to insufficient enforcement of access control on HTTP requests. network low complexity CWE-284	4.7
2025-05-06	CVE-2024-49842	Improper Access Control vulnerability in Qualcomm products Memory corruption during memory mapping into protected VM address space due to incorrect API restrictions. local low complexity qualcomm CWE-284	7.8
2025-05-06	CVE-2025-21469	Improper Access Control vulnerability in Qualcomm products Memory corruption while processing image encoding, when input buffer length is 0 in IOCTL call. local low complexity qualcomm CWE-284	7.8
2025-05-06	CVE-2025-21470	Improper Access Control vulnerability in Qualcomm products Memory corruption while processing image encoding, when configuration is NULL in IOCTL parameter. local low complexity qualcomm CWE-284	7.8
2025-05-05	CVE-2025-4281	A vulnerability, which was classified as problematic, was found in Shenzhen Sixun Software Sixun Shanghui Group Business Management System 7. network low complexity CWE-284	4.3
2025-05-05	CVE-2025-4270	Improper Access Control vulnerability in Totolink A720R Firmware 4.1.5Cu.374 A vulnerability was found in TOTOLINK A720R 4.1.5cu.374. network low complexity totolink CWE-284	7.5
2025-05-05	CVE-2025-4271	Improper Access Control vulnerability in Totolink A720R Firmware 4.1.5Cu.374 A vulnerability was found in TOTOLINK A720R 4.1.5cu.374. network low complexity totolink CWE-284	5.3
2025-04-30	CVE-2025-32376	Improper Access Control vulnerability in Discourse Discourse is an open-source discussion platform. network low complexity discourse CWE-284	4.3
2025-04-12	CVE-2025-32726	Improper access control in Visual Studio Code allows an authorized attacker to elevate privileges locally. local low complexity CWE-284	6.8
2025-04-08	CVE-2025-27190	Adobe Commerce versions 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12, 2.4.8-beta2 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. network low complexity CWE-284	5.3

Vulnerabilities > Improper Access Control {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Improper Access Control"}]}

Vulnerabilities > Improper Access Control