Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-863

CWE-863

High likelihood

Incorrect Authorization

Parent: CWE-285 - Improper Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

3,104 vulnerabilities with CWE-863

CVE-2021-22176 MEDIUM

GitLab 3.0.1-13.6.7 - Incorrect Authorization for Demoted Project Members

CVE-2021-28824 HIGH

TIBCO ActiveSpaces <= 4.5.0 - Privilege Escalation via Unrestricted Installation Directory

CVE-2021-28823 HIGH

TIBCO eFTL < 6.6.0 - Privilege Escalation via Unrestricted Installation Directory

CVE-2021-28821 HIGH

TIBCO Enterprise Message Service < 8.5.1 - Privilege Escalation via Unrestricted File Access

CVE-2021-28819 HIGH

TIBCO FTL < 6.6.0 - Privilege Escalation via Unrestricted Installation Directory

CVE-2021-28146 MEDIUM

Grafana Enterprise 7.4.x <7.4.5 - Privilege Escalation

CVE-2021-28791 HIGH

swiftformat < 1.3.7 - Remote Code Execution via Crafted swiftformat.path Configuration

CVE-2021-21624 MEDIUM

Jenkins Role-based Authorization Strategy Plugin < 3.1 - Incorrect Authorization

CVE-2021-21623 MEDIUM

Jenkins Matrix Authorization Strategy Plugin < 2.6.5 - Incorrect Authorization

CVE-2021-28681 MEDIUM

Pion WebRTC < 3.0.15 - Incorrect Authorization via DTLS Connection Handling

CVE-2021-20676 MEDIUM

M-System DL8-A/B/C/D/E Firmware < 3.0 - Authenticated Incorrect Authorization

CVE-2021-20283 MEDIUM

moodle 3.5.0-3.5.16 and 3.10.0-3.10.1 - Missing Authorization in Course Enrollment Web Service

CVE-2021-20282 MEDIUM

moodle 3.5.0-3.5.16 - Incorrect Authorization in User Account Verification

CVE-2021-20281 MEDIUM

moodle 3.5.0-3.5.16 and 3.10.0-3.10.1 - Exposure of Sensitive Information via Online Users Block

CVE-2021-20179 HIGH

dogtagpki - Incorrect Authorization in Certificate Renewal

CVE-2021-28373 HIGH

Tiny Tiny RSS <2021-03-12 - Auth Bypass

CVE-2021-21367 MEDIUM

elementary switchboard_bluetooth_plug 2.3.0-2.3.5 - Unauthenticated Incorrect Authorization via Bluetooth Pairing

CVE-2021-0382 MEDIUM

Android 11 - Unauthenticated Local Information Disclosure via SliceManagerService Permission Check

CVE-2021-0376 HIGH

Android 11 - Incorrect Authorization in MediaProvider

CVE-2021-21186 MEDIUM

Google Chrome <89.0.4389.72 - Info Disclosure

CVE-2021-21182 MEDIUM

Google Chrome <89.0.4389.72 - Privilege Escalation

CVE-2021-21484 CRITICAL

SAP HANA 2.0 - Incorrect Authorization via LDAP Unauthenticated Bind

CVE-2021-21481 HIGH

SAP NetWeaver 7.10-7.50 - Unauthenticated Incorrect Authorization in MigrationService

CVE-2021-22134 MEDIUM

Elasticsearch 7.6.0-7.10.2 - Unauthorized Document Disclosure via Document or Field Level Security Bypass

CVE-2021-21362 HIGH

MinIO < 2021-03-04T00-53-13Z - Improper Authorization Bypass via Temporary Upload URL

Previous Page 101 of 125 Next

Details

Vulnerabilities 3,104

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy