Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-863

CWE-863

High likelihood

Incorrect Authorization

Parent: CWE-285 - Improper Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

3,104 vulnerabilities with CWE-863

CVE-2020-4877 CRITICAL

IBM Cognos Controller 10.4.0-10.4.2 - Unauthorized Modifications via Public Class Fields

CVE-2020-14110 HIGH

AX3600 Firmware < 1.0.67 - Unauthenticated Sensitive Information Disclosure via Luci Interface

CVE-2020-19551 HIGH

wuzhicms <= 4.1.0 - Remote Code Execution via Blacklist Bypass in common.func.php

CVE-2020-16630 MEDIUM

TI 15.4-stack - Incorrect Authorization via LTK Property Caching

CVE-2020-21124 CRITICAL

UReport 2.2.9 - Unauthenticated Remote Code Execution via Designer Page

CVE-2020-19765 HIGH

proofofdiligencetoken - Reentrancy Attack via noReentrance() Modifier

CVE-2020-18701 CRITICAL

Lin-CMS-Flask <0.1.1 - Info Disclosure

CVE-2020-25564 HIGH

SapphireIMS 5.0 - Incorrect Authorization via RemoteMgmtTaskSave Feature

CVE-2020-28397 MEDIUM

SIMATIC S7-1500 CPU family < 2.9.2 - Unauthenticated Information Disclosure via PLC Program Variable Extraction

CVE-2020-19301 CRITICAL

vaeThink 1.0.1 - Remote Code Execution via Database Table Condition Parameter

CVE-2020-12733 HIGH

DEPSTECH WiFi Digital Microscope 3 - Info Disclosure

CVE-2020-27362 HIGH

Akkadian Provisioning Manager 4.50.02 - Privilege Escalation

CVE-2020-20471 HIGH

White Shark System 1.3.2 - Unauthenticated Privilege Escalation via default_user_edit.php

CVE-2020-20466 CRITICAL

White Shark System 1.3.2 - Unauthenticated Password Modification via user_edit_password.php

CVE-2020-1729 MEDIUM

SmallRye Config < 1.6.2 - Incorrect Authorization via ClassLoader Bypass

CVE-2020-26560 HIGH

Bluetooth Mesh Profile <1.0.1 - Privilege Escalation

CVE-2020-26559 HIGH

Bluetooth Mesh <1.0.1 - Info Disclosure

CVE-2020-26555 MEDIUM

Bluetooth Core Specification <5.2 - Unauthenticated Spoofing

CVE-2020-36289 MEDIUM

Atlassian Data Center < 8.5.13 - Incorrect Authorization

CVE-2020-21990 HIGH

MyDomoAtHome REST API Domoticz ISS Gateway 0.2.40 - Unauthenticated Information Disclosure

CVE-2020-28872 CRITICAL

Monitorr 1.7.6m - Unauthenticated Authorization Bypass via Registration Endpoint

CVE-2020-36287 MEDIUM

Atlassian Jira Server/Data Center <8.13.5, 8.14.0-8.15.1 - Unauthenticated Info Disclosure

CVE-2020-14106 MEDIUM

MIUI < 2021.01.26 - Unauthorized Process List Access

CVE-2020-27901 MEDIUM

macOS < 11.0.1 - Sandbox Restriction Bypass via Logic Issue

CVE-2020-36238 MEDIUM

Jira Server and Data Center < 8.5.13 and 8.6.0-8.13.5 - Unauthenticated Username Enumeration via Render API

Previous Page 104 of 125 Next

Details

Vulnerabilities 3,104

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy