Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-863

CWE-863

High likelihood

Incorrect Authorization

Parent: CWE-285 - Improper Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

3,104 vulnerabilities with CWE-863

CVE-2020-13335 MEDIUM

GitLab >=7.12 - Privilege Escalation

CVE-2020-13334 MEDIUM

GitLab <13.2.10-13.4.2 - Info Disclosure

CVE-2020-15664 MEDIUM

Firefox < 80 and Firefox ESR < 68.12 - Unauthenticated Extension Installation via about:blank eval() Reference

CVE-2020-13322 HIGH

GitLab >12.9 - Privilege Escalation

CVE-2020-26121 HIGH

MediaWiki < 1.34.4 - Incorrect Authorization in FileImporter Extension

CVE-2020-25869 HIGH

MediaWiki < 1.31.10 and 1.32.x-1.34.x < 1.34.4 - Information Leak via Actor ID Handling

CVE-2020-3477 MEDIUM

Cisco IOS Software - Privilege Escalation

CVE-2020-3474 MEDIUM

Cisco IOS XE - Authenticated Denial of Service via Web Management Framework

CVE-2020-3404 HIGH

Cisco IOS XE - Privilege Escalation

CVE-2020-4621 HIGH

IBM Data Risk Manager < 2.0.6.4 - Authenticated Privilege Escalation via Insufficient Authorization Checks

CVE-2020-2258 MEDIUM

Jenkins Health Advisor by CloudBees Plugin <3.2.0 - Info Disclosure

CVE-2020-15590 HIGH

Private Internet Access VPN Client 1.5-2.3 - Unauthenticated VPN Kill Switch Bypass via IPv4 Forwarding

CVE-2020-13313 MEDIUM

GitLab <13.1.10-13.3.4 - Info Disclosure

CVE-2020-13300 HIGH

GitLab CE/EE <13.3.4 - Info Disclosure

CVE-2020-13284 MEDIUM

GitLab <13.1.10-13.3.4 - Info Disclosure

CVE-2020-25284 MEDIUM

Linux Kernel < 5.8.9 - Incorrect Authorization in rbd Block Device Driver

CVE-2020-15163 HIGH

Python TUF < 0.12.0 - Insufficient Verification of Data Authenticity

CVE-2020-6311 MEDIUM

SAP Bank Analyzer 500 and S/4HANA for Financial Products Subledger 100 - Improper Authorization

CVE-2020-3530 HIGH

Cisco IOS XR < 7.1.2 - Authenticated Privilege Escalation via Task Group Assignment Bypass

CVE-2020-3473 HIGH

Cisco IOS XR - Privilege Escalation

CVE-2020-24941 HIGH

Laravel < 6.18.35 and 7.x < 7.24.0 - Incorrect Authorization via JSON Column Nesting

CVE-2020-5418 MEDIUM

Cloud Foundry CAPI <1.98.0 - Info Disclosure

CVE-2020-25025 MEDIUM

Localization Manager < 7.4.0 - Information Disclosure via Translatable Fields

CVE-2020-25055 CRITICAL

Samsung Android O(8.x), P(9.0), Q(10.0) - Incorrect Authorization in Persona Service

CVE-2020-24716 HIGH

OpenZFS < 0.8.4 - Incorrect Authorization

Previous Page 107 of 125 Next

Details

Vulnerabilities 3,104

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy