CWE-284
5,077 CVEs • Abstraction: Pillar
Improper Access Control
The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
CVEs (5,077)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
Unspecified vulnerability in Oracle Java SE 6u121, 7u111, and 8u102 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. |
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows remote attackers to affect confidentiality via unknown vectors. |
1Oracle 1Hospitality Opera 5 Property Services May 6, 2026 Oct 25, 2016 N/A· v4 7.7 HIGH· v3 4.0 MEDIUM· v2 Unspecified vulnerability in the Oracle Hospitality OPERA 5 Property Services component in Oracle Hospitality Applications 5.4.0.0 through 5.4.3.0, 5.5.0.0, and 5.5.1.0 allows remote authenticated users to affect confide...Show more |
Unspecified vulnerability in the Oracle iProcurement component in Oracle E-Business Suite 12.1.1 through 12.1.3 and 12.2.3 through 12.2.6 allows remote authenticated users to affect confidentiality and integrity via unkn...Show more |
1Oracle 1Siebel Customer Order Management May 6, 2026 Oct 25, 2016 N/A· v4 5.4 MEDIUM· v3 5.5 MEDIUM· v2 Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 16.1 allows remote authenticated users to affect confidentiality and integrity via vectors related to OpenUI. |
Unspecified vulnerability in the Oracle Advanced Pricing component in Oracle E-Business Suite 12.1.1 through 12.1.3 and 12.2.3 through 12.2.6 allows remote attackers to affect confidentiality and integrity via unknown ve...Show more |
Unspecified vulnerability in Oracle Java SE 6u121, 7u111, and 8u102 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to 2D. |
1Oracle 1Platform Security For Java May 6, 2026 Oct 25, 2016 N/A· v4 7.6 HIGH· v3 6.5 MEDIUM· v2 Unspecified vulnerability in the Oracle Platform Security for Java component in Oracle Fusion Middleware 12.1.3.0.0, 12.2.1.0.0, and 12.2.1.1.0 allows remote authenticated users to affect confidentiality, integrity, and...Show more |
1Oracle 1Siebel User Interface Framework May 6, 2026 Oct 25, 2016 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 Unspecified vulnerability in the Siebel Apps - Customer Order Management component in Oracle Siebel CRM 16.1 allows remote authenticated users to affect confidentiality via unknown vectors. |
1Oracle 1Primavera P6 Enterprise Project Portfolio Management May 6, 2026 Oct 25, 2016 N/A· v4 5.4 MEDIUM· v3 5.5 MEDIUM· v2 Unspecified vulnerability in the Primavera P6 Enterprise Project Portfolio Management component in Oracle Primavera Products Suite 8.4, 15.x, and 16.x allows remote authenticated users to affect confidentiality and integ...Show more |
Unspecified vulnerability in the Oracle Shipping Execution component in Oracle E-Business Suite 12.1.1 through 12.1.3 and 12.2.3 through 12.2.6 allows remote attackers to affect confidentiality via vectors related to Wor...Show more |
1Oracle 1Agile Product Lifecycle Management May 6, 2026 Oct 25, 2016 N/A· v4 5.9 MEDIUM· v3 4.3 MEDIUM· v2 Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote attackers to affect confidentiality via unknown vectors, a different vulnerability than CVE-...Show more |
1Oracle 1Agile Product Lifecycle Management May 6, 2026 Oct 25, 2016 N/A· v4 7.3 HIGH· v3 7.5 HIGH· v2 Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Apac...Show more |
Unspecified vulnerability in the Solaris Cluster component in Oracle Sun Systems Products Suite 3.3 and 4.3 allows local users to affect integrity via vectors related to Cluster check files. |
1Oracle 1Agile Product Lifecycle Management May 6, 2026 Oct 25, 2016 N/A· v4 6.5 MEDIUM· v3 7.5 HIGH· v2 Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote attackers to affect confidentiality and integrity via unknown vectors, a different vulnerabi...Show more |
Unspecified vulnerability in the Oracle Applications DBA component in Oracle E-Business Suite 12.1.3 allows local users to affect confidentiality via vectors related to AD Utilities. |
Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware allows local users to affect confidentiality and integrity via vectors related to App Server. |
1Oracle 1Flexcube Universal Banking May 6, 2026 Oct 25, 2016 N/A· v4 5.4 MEDIUM· v3 5.5 MEDIUM· v2 Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.3.0, 11.4.0, 12.0.1 through 12.0.3 allows remote authenticated users to affect confidentiality and...Show more |
Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 12.1.0.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors. |
Unspecified vulnerability in the Oracle Discoverer component in Oracle Fusion Middleware 11.1.1.7.0 allows remote attackers to affect confidentiality via vectors related to EUL Code & Schema. |