Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-863

CWE-863

High likelihood

Incorrect Authorization

Parent: CWE-285 - Improper Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

3,104 vulnerabilities with CWE-863

CVE-2020-5240 HIGH

wagtail-2fa < 1.4.1 - Improper Authorization via 2FA Device Management Path

CVE-2020-10534 CRITICAL

MediaWiki <1.34.0 - Privilege Escalation

CVE-2020-0087 MEDIUM

Android 10 - Unauthenticated Side Channel Information Disclosure in ActivityManagerService

CVE-2020-0036 HIGH

Android 8.0-10 - Incorrect Authorization in PermissionMonitor

CVE-2020-2148 MEDIUM

Jenkins Mac Plugin < 1.1.0 - Missing Permission Check for SSH Connection

CVE-2020-2135 HIGH

Jenkins Script Security Plugin < 1.70 - Sandbox Bypass via GroovyInterceptable Method Calls

CVE-2020-2134 HIGH

Jenkins Script Security Plugin < 1.70 - Sandbox Bypass via Crafted Constructor Calls

CVE-2020-5251 HIGH

parse-server < 4.1.0 - Improper Authorization via NoSQL Query Regex

CVE-2020-9381 HIGH

Total.js CMS 13 - Unauthenticated Remote Code Execution via Admin Widgets API

CVE-2020-5242 HIGH

openHAB < 2.5.2 - Unauthenticated Remote Code Execution via REST API Binding Installation

CVE-2020-7251 MEDIUM

McAfee ENS <10.6.1 - Info Disclosure

CVE-2020-5239 HIGH

Mailu < 1.7 - Authenticated Privilege Escalation via Fetchmail Script

CVE-2020-6380 HIGH

Google Chrome <79.0.3945.130 - Privilege Escalation

CVE-2020-5318 HIGH

Dell EMC Isilon OneFS 8.0.0.7, 8.1.0.3, 8.1.0.4, 8.1.2 - Unauthenticated File Access via HTTP and WebDAV

CVE-2020-8119 MEDIUM

Nextcloud server <17.0.0 - Info Disclosure

CVE-2020-7955 MEDIUM

HashiCorp Consul <1.6.2 - Info Disclosure

CVE-2020-2104 MEDIUM

Jenkins < 2.204.1 and < 2.218 - Incorrect Authorization for JVM Memory Usage Chart

CVE-2020-8086 CRITICAL

Prosody mod_auth_ldap/mod_auth_ldap2 - Privilege Escalation

CVE-2020-2097 HIGH

Jenkins Sounds Plugin < 0.5 - OS Command Execution via Form Validation URL

CVE-2020-6307 MEDIUM

SAP Basis - Incorrect Authorization in Automated Note Search Tool

CVE-2019-25237 CRITICAL

V-SOL GPON/EPON OLT Platform v2.03 - Privilege Escalation

CVE-2019-25058 HIGH

USBGuard <1.1.0 - Privilege Escalation

CVE-2019-16651 MEDIUM

Virgin Media Super Hub 3 - Info Disclosure

CVE-2019-15059 HIGH

Liberty lisPBX 2.0-4 - Unauthenticated Sensitive Information Exposure via Backup File Retrieval

CVE-2019-25017 MEDIUM

MIT krb5-appl <1.0.3 - Code Injection

Previous Page 111 of 125 Next

Details

Vulnerabilities 3,104

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy