Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-863

CWE-863

High likelihood

Incorrect Authorization

Parent: CWE-285 - Improper Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

3,108 vulnerabilities with CWE-863

CVE-2017-10379 MEDIUM

MySQL < 5.5.57, 5.6.37, 5.7.19 - Authenticated Unauthorized Data Access via Client Programs

CVE-2017-9653 CRITICAL

OSIsoft PI Integrator <2016 R2 - Privilege Escalation

CVE-2017-8633 HIGH

Windows Error Reporting - Elevation of Privilege via Incorrect Authorization

CVE-2017-9855 CRITICAL

SMA Solar Technology - Privilege Escalation

CVE-2017-6672 HIGH

Cisco ASR 5000 Series Software - Unauthenticated Access Control List Bypass

CVE-2017-7512 CRITICAL

Red Hat 3scale <2.0.0 - Auth Bypass

CVE-2017-10805 HIGH

Odoo 8.0, 9.0, 10.0 - Authenticated OAuth Session Hijacking via Incorrect Access Control

CVE-2017-8907 HIGH

Atlassian Bamboo <5.15.7-6.0.1 - RCE

CVE-2017-9378 MEDIUM

BigTree CMS <4.2.18 - Info Disclosure

CVE-2017-2306 HIGH

Juniper Networks Junos Space <16.1R1 - Code Injection

CVE-2017-2305 HIGH

Juniper Networks Junos Space <16.1R1 - Privilege Escalation

CVE-2017-7505 HIGH

Foreman <1.5 - Privilege Escalation

CVE-2017-4915 HIGH

VMware Workstation Pro/Player - Privilege Escalation

CVE-2017-0894 MEDIUM

Nextcloud Server <11.0.3 - Info Disclosure

CVE-2017-3817 MEDIUM

Cisco UCS Director <6.0 - Info Disclosure

CVE-2017-0881 MEDIUM

Zulip <1.4.3 - Privilege Escalation

CVE-2017-5618 HIGH

GNU screen < 4.5.1 - Unauthenticated Arbitrary File Write via Logfile Permissions

CVE-2017-6377 HIGH

Drupal 8.2.x < 8.2.7 - Incorrect Authorization in Private File Editor

CVE-2017-6816 MEDIUM

WordPress < 4.7.3 - Unintended File Deletion via Plugin Deletion Functionality

CVE-2017-6590 MEDIUM

Ubuntu Linux - Unauthenticated Local File Access and Command Execution via Network Manager Applet

CVE-2017-3801 HIGH

Cisco UCS Director <6.0.1 - Privilege Escalation

CVE-2016-20075 HIGH

WordPress Ultimate Product Catalog 3.8.6 Arbitrary File Upload RCE

CVE-2016-20005 CRITICAL

REST/JSON Project 7.x-1.x - Auth Bypass

CVE-2016-20004 CRITICAL

REST/JSON Project 7.x-1.x - Auth Bypass

CVE-2016-20002 CRITICAL

REST/JSON Project 7.x-1.x - Auth Bypass

Previous Page 122 of 125 Next

Details

Vulnerabilities 3,108

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy