Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-863

CWE-863

High likelihood

Incorrect Authorization

Parent: CWE-285 - Improper Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

3,064 vulnerabilities with CWE-863

CVE-2025-48475 HIGH

FreeScout <1.8.180 - Info Disclosure

CVE-2025-48474 HIGH

freescout < 1.8.180 - Incorrect Authorization via Conversation Assignment

CVE-2025-48473 MEDIUM

FreeScout <1.8.179 - Info Disclosure

CVE-2025-48472 HIGH

FreeScout <1.8.179 - Privilege Escalation

CVE-2025-3913 MEDIUM

Mattermost <10.7.0-9.11.12 - Privilege Escalation

CVE-2025-25251 HIGH

FortiClient Mac <7.4.2-7.2.8-7.0.14 - Privilege Escalation

CVE-2025-25026 MEDIUM

IBM Security Guardium 12.0 - Info Disclosure

CVE-2025-4975 MEDIUM

Shared Device - Privilege Escalation

CVE-2025-48373 CRITICAL

Schule School Management System - Incorrect Authorization via Client-Side Role Manipulation

CVE-2025-30171 CRITICAL

ASPECT <3.08.03 - Privilege Escalation

CVE-2025-1110 LOW

GitLab 18.0 - Insufficient Granularity of Access Control via GraphQL Query

CVE-2025-20257 MEDIUM

Cisco Secure Network Analytics - Privilege Escalation

CVE-2025-1418 MEDIUM

Proget < 2.17.5 - Incorrect Authorization in MDM Profile Information

CVE-2025-1417 MEDIUM

Proget < 2.17.5 - Incorrect Authorization in MDM Backup Access

CVE-2025-1416 HIGH

Proget < 2.17.5 - Incorrect Authorization via Device UUID

CVE-2025-1415 MEDIUM

Proget MDM <2.17.5 - Info Disclosure

CVE-2025-47937 LOW

TYPO3 9.0.0-9.5.50 - Incorrect Authorization in Database Abstraction Layer

CVE-2025-4101 MEDIUM

Multivendorx < 4.2.23 - Incorrect Authorization

CVE-2025-47930 MEDIUM

Zulip 10.0-10.3 - Incorrect Authorization via Channel Privacy Change

CVE-2025-46834 MEDIUM

Alchemy's Modular Account <2.x - Info Disclosure

CVE-2025-2570 LOW

Mattermost 9.11.0-9.11.11 and 10.5.0-10.5.3 - Incorrect Authorization via System Console

CVE-2025-2527 MEDIUM

Mattermost 9.11.0-9.11.11 and 10.5.0-10.5.2 - Incorrect Authorization via Group API

CVE-2025-3446 MEDIUM

Mattermost 9.11.0-9.11.11 10.4.0-10.4.4 10.5.0-10.5.2 10.6.0-10.6.1 - Incorrect Authorization via Team Invite API

CVE-2025-43565 HIGH

Adobe ColdFusion <= 2025.1, <= 2023.13, <= 2021.19 - Authenticated Arbitrary Code Execution via Incorrect Authorization

CVE-2025-43564 CRITICAL

ColdFusion <= 2025.1, <= 2023.13, <= 2021.19 - Authenticated Arbitrary File Read via Improper Access Control

Previous Page 37 of 123 Next

Details

Vulnerabilities 3,064

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy