Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-863

CWE-863

High likelihood

Incorrect Authorization

Parent: CWE-285 - Improper Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

3,104 vulnerabilities with CWE-863

CVE-2020-14196 MEDIUM

PowerDNS Recursor <= 4.1.16 - Incorrect Authorization

CVE-2020-15084 HIGH

express-jwt < 5.3.3 - Authorization Bypass via Unenforced Algorithms Configuration

CVE-2020-12053 CRITICAL

Unisys Stealth 3.4.x-5.x < 5.0.026 - Incorrect Authorization via Certificate-Based Endpoint

CVE-2020-13263 HIGH

GitLab EE 9.5-13.0.1 - Incorrect Authorization via Project Maintainer Impersonation

CVE-2020-13277 MEDIUM

GitLab CE/EE <13.0.5 - Info Disclosure

CVE-2020-3364 MEDIUM

Cisco IOS XR - Unauthenticated Access Control Bypass via Standby Route Processor Management Interface

CVE-2020-3360 MEDIUM

Cisco IP Phones Series 7800-8800 - Info Disclosure

CVE-2020-6752 LOW

OMERO < 5.6.1 - Incorrect Authorization

CVE-2020-14214 MEDIUM

Zammad < 3.3.1 - Unauthenticated Incorrect Authorization via Domain Based Assignment

CVE-2020-7499 MEDIUM

Schneider Electric U.motion Servers and Touch Panels < 1.4.2 - Incorrect Authorization

CVE-2020-0115 HIGH

Android 8.0-10 - Incorrect Authorization in PackageManagerService

CVE-2020-13696 MEDIUM

xawtv < 3.107 - Unauthenticated Arbitrary File Access via v4l-conf Device Path Manipulation

CVE-2020-13834 HIGH

Android O(8.x), P(9.0), Q(10.0) - Incorrect Authorization in Secure Folder

CVE-2020-3335 MEDIUM

Cisco Application Services Engine Software - Info Disclosure

CVE-2020-3231 MEDIUM

Cisco IOS - Unauthenticated Broadcast Traffic Forwarding via 802.1X Port Mishandling

CVE-2020-3229 HIGH

Cisco IOS XE Web Management Software - Privilege Escalation

CVE-2020-3227 CRITICAL

Cisco IOS XE - Unauthenticated API Command Execution via Crafted Token Request

CVE-2020-4026 MEDIUM

Atlassian Navigator Links < 3.3.23, 4.0.0-4.3.6, 5.0.0, 5.1.0 - Incorrect Authorization in CustomAppsRestResource

CVE-2020-11844 CRITICAL

Micro Focus Service Management Automation 2018.05-2020.02 - Incorrect Authorization

CVE-2020-1831 LOW

HUAWEI Mate 20 <10.0.0.195 - Privilege Escalation

CVE-2020-4249 MEDIUM

IBM Security Identity Governance and Intelligence 5.2.6 - Sensitive Information Disclosure via Incorrect Authorization

CVE-2020-12391 HIGH

Firefox < 76.0 - Cross-Origin Script Execution via data: URL in OBJECT Element

CVE-2020-3811 HIGH

netqmail - Mail-Address Verification Bypass via qmail-verify

CVE-2020-0097 HIGH

Android 9-10 - Incorrect Authorization in PackageManagerService

CVE-2020-12876 HIGH

Veritas APTARE <10.4 - Info Disclosure

Previous Page 109 of 125 Next

Details

Vulnerabilities 3,104

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy