Filtered by CWE-284
Total 3922 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-28715 1 Intel 1 Oneapi 2024-11-21 5 Medium
Improper access control in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.2 may allow an authenticated user to potentially enable denial of service via local access.
CVE-2023-28714 3 Intel, Intel Proset Wireless Wifi Software For Windows, Microsoft 3 Proset\/wireless Wifi, Intel Proset Wireless Wifi Software For Windows, Windows 2024-11-21 8.2 High
Improper access control in firmware for some Intel(R) PROSet/Wireless WiFi software for Windows before version 22.220 HF (Hot Fix) may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2023-28397 3 Intel, Linux, Microsoft 3 Aptio V Uefi Firmware Integrator Tools, Linux Kernel, Windows 2024-11-21 7.8 High
Improper access control in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allow an authenticated to potentially enable escalation of privileges via local access.
CVE-2023-28396 2024-11-21 6.1 Medium
Improper access control in firmware for some Intel(R) Thunderbol(TM) Controllers versions before 41 may allow a privileged user to enable denial of service via local access.
CVE-2023-28372 1 Purestorage 1 Purity 2024-11-21 6.5 Medium
A flaw exists in FlashBlade Purity (OE) Version 4.1.0 whereby a user with privileges to extend an object’s retention period can affect the availability of the object lock.
CVE-2023-27879 1 Intel 8 Optane Memory H20 With Solid State Storage, Optane Memory H20 With Solid State Storage Firmware, Optane Ssd 905p and 5 more 2024-11-21 6.8 Medium
Improper access control in firmware for some Intel(R) Optane(TM) SSD products may allow an unauthenticated user to potentially enable information disclosure via physical access.
CVE-2023-27509 1 Intel 1 Ispc Software Installer 2024-11-21 6.6 Medium
Improper access control in some Intel(R) ISPC software installers before version 1.19.0 may allow an authenticated user to potentially enable escalation of privileges via local access.
CVE-2023-27391 1 Intel 29 Advisor For Oneapi, Cpu Runtime For Opencl Applications, Distribution For Python Programming Language and 26 more 2024-11-21 6.7 Medium
Improper access control in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.1.493 may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2023-27303 1 Intel 1 Thunderbolt Dch Driver 2024-11-21 3.8 Low
Improper access control in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version 88 may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2023-27301 1 Intel 1 Thunderbolt Dch Driver 2024-11-21 4.2 Medium
Improper access control in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version 88 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2023-26596 1 Intel 1 Thunderbolt Dch Driver 2024-11-21 2.5 Low
Improper access control in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version 88 may allow an authenticated user to potentially enable denial of service via local access.
CVE-2023-26585 1 Intel 1 Thunderbolt Dch Driver 2024-11-21 5 Medium
Improper access control in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version 88 may allow an authenticated user to potentially enable denial of service via local access.
CVE-2023-26347 1 Adobe 1 Coldfusion 2024-11-21 7.5 High
Adobe ColdFusion versions 2023.5 (and earlier) and 2021.11 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An unauthenticated attacker could leverage this vulnerability to access the administration CFM and CFC endpoints. Exploitation of this issue does not require user interaction.
CVE-2023-26205 1 Fortinet 1 Fortiadc 2024-11-21 7.9 High
An improper access control vulnerability [CWE-284] in FortiADC automation feature 7.1.0 through 7.1.2, 7.0 all versions, 6.2 all versions, 6.1 all versions may allow an authenticated low-privileged attacker to escalate their privileges to super_admin via a specific crafted configuration of fabric automation CLI script.
CVE-2023-25777 1 Intel 1 Thunderbolt Dch Driver 2024-11-21 7.9 High
Improper access control in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version 88 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2023-25773 1 Intel 1 Unite 2024-11-21 7.5 High
Improper access control in the Intel(R) Unite(R) Hub software installer for Windows before version 4.2.34962 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2023-25757 1 Intel 1 Unison 2024-11-21 7.3 High
Improper access control in some Intel(R) Unison(TM) software before version 10.12 may allow a privileged user to potentially enable escalation of privilege via network access.
CVE-2023-25605 1 Fortinet 1 Fortisoar 2024-11-21 7.5 High
A improper access control vulnerability in Fortinet FortiSOAR 7.3.0 - 7.3.1 allows an attacker authenticated on the administrative interface to perform unauthorized actions via crafted HTTP requests.
CVE-2023-25525 1 Nvidia 1 Cumulus Linux 2024-11-21 7.5 High
NVIDIA Cumulus Linux contains a vulnerability in forwarding where a VxLAN-encapsulated IPv6 packet received on an SVI interface with DMAC/DIPv6 set to the link-local address of the SVI interface may be incorrectly forwarded. A successful exploit may lead to information disclosure.
CVE-2023-24490 1 Citrix 2 Linux Virtual Delivery Agent, Virtual Apps And Desktops 2024-11-21 6.3 Medium
Users with only access to launch VDA applications can launch an unauthorized desktop