Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-863

CWE-863

High likelihood

Incorrect Authorization

Parent: CWE-285 - Improper Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

3,104 vulnerabilities with CWE-863

CVE-2021-31926 MEDIUM

CubeCoders AMP 2.1.0-2.1.1.1 - Authenticated Firewall Port Opening via API Endpoint

CVE-2021-1086 HIGH

NVIDIA vGPU <12.2, <11.4, <8.7 - Privilege Escalation

CVE-2021-30638 HIGH

Apache Tapestry <5.6.3, <5.7.0-5.7.1 - Info Disclosure

CVE-2021-29158 MEDIUM

Sonatype Nexus Repository Manager 3 <= 3.30.0 - Incorrect Access Control

CVE-2021-31554 MEDIUM

MediaWiki < 1.35.2 - Incorrect Authorization in AbuseFilter Extension

CVE-2021-31552 MEDIUM

MediaWiki < 1.35.2 - Incorrect Authorization in AbuseFilter Account Creation Rules

CVE-2021-31548 MEDIUM

MediaWiki < 1.35.2 - Incorrect Authorization in AbuseFilter Extension

CVE-2021-28793 CRITICAL

vscode-restructuredtext < 147.0.0 - Arbitrary Binary Execution via Workspace Configuration

CVE-2021-3493 HIGH KEV

2021 Ubuntu Overlayfs LPE

CVE-2021-29452 HIGH

a12n-server 0.18.0-0.18.1 - Authenticated Privilege Escalation via User Edit HAL-Form

CVE-2021-28826 HIGH

TIBCO Messaging - Eclipse Mosquitto Distribution - Bridge < 1.3.0 - Privilege Escalation via Unrestricted File Access

CVE-2021-28825 HIGH

TIBCO Messaging - Eclipse Mosquitto < 1.3.0 - Privilege Escalation via File Access

CVE-2021-29439 HIGH

Grav Admin Plugin < 1.10.11 - Incorrect Authorization Leading to Arbitrary Plugin Installation

CVE-2021-29437 HIGH

scratchoauth2 < 2021-04-13 - Unauthenticated Incorrect Authorization via Login Code Spoofing

CVE-2021-27086 HIGH

Windows 10 and Windows Server 2016/2019 - Incorrect Authorization

CVE-2021-29943 CRITICAL

Apache Solr < 8.8.2 - Incorrect Authorization via ConfigurableInternodeAuthHadoopPlugin

CVE-2021-25356 HIGH

Managed Provisioning <SMR APR-2021 Release 1 - Privilege Escalation

CVE-2021-24207 MEDIUM

WP Page Builder < 1.2.4 - Improper Privilege Management

CVE-2021-26718 MEDIUM

Kaspersky Internet Security < 21.1 - Anti-Virus Protection Bypass

CVE-2021-29642 MEDIUM

GistPad < 0.2.7 - GitHub Access Token Leakage via Crafted Workspace Folder

CVE-2021-28936 HIGH

Acexy Wireless-N WiFi Repeater REV 1.0 (28.08.06.1) - Unauthenticated Administrator Password Change

CVE-2021-21411 MEDIUM

oauth2_proxy 7.0.0-7.0.x - Incorrect Authorization via GitLab Group Membership Bypass

CVE-2021-21389 HIGH

BuddyPress 5.0.0-7.2.0 - Unauthenticated Privilege Escalation via REST API Members Endpoint

CVE-2021-27195 MEDIUM

Netop Vision Pro <= 9.7.1 - Improper Authorization via Network Traffic Replay

CVE-2021-22186 MEDIUM

GitLab 9.4.0-13.7.7 - Incorrect Authorization in Group CI/CD Variables

Previous Page 100 of 125 Next

Details

Vulnerabilities 3,104

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy