Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-863

CWE-863

High likelihood

Incorrect Authorization

Parent: CWE-285 - Improper Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

3,070 vulnerabilities with CWE-863

CVE-2024-57032 CRITICAL

WeGIA < 3.2.0 - Privilege Escalation

CVE-2024-53553 CRITICAL

OPEXUS FOIAXPRESS PUBLIC ACCESS LINK 11.1.0 - Unauthenticated Authentication Bypass

CVE-2024-57683 MEDIUM

D-Link DIR-816 Firmware 1.10CNB05 - Unauthenticated Incorrect Authorization

CVE-2024-57681 MEDIUM

D-Link DIR-816 Firmware 816A2_FWv1.10CNB05_R1B011D88210 - Unauthenticated Incorrect Authorization via form2alg.cgi

CVE-2024-57680 MEDIUM

D-Link DIR-816 Firmware - Unauthenticated Port Trigger Manipulation via form2PortriggerRule.cgi

CVE-2024-57679 MEDIUM

D-Link DIR-816 Firmware 1.10CNB05 - Unauthenticated Incorrect Authorization via form2RepeaterSetup.cgi

CVE-2024-57678 MEDIUM

D-Link DIR-816 Firmware - Unauthenticated Incorrect Authorization via form2WlAc.cgi

CVE-2024-57677 MEDIUM

D-Link DIR-816 Firmware 816A2_FWv1.10CNB05_R1B011D88210 - Unauthenticated Incorrect Authorization via form2Wan.cgi

CVE-2024-57676 MEDIUM

D-Link DIR-816 Firmware - Unauthenticated Incorrect Authorization via form2WlanBasicSetup.cgi

CVE-2024-44136 MEDIUM

iPadOS < 17.5 - Incorrect Authorization

CVE-2024-40771 HIGH

macOS Sonoma <14.5, iOS <16.7.8, iPadOS <16.7.8, watchOS <10.5, tvO...

CVE-2024-13302 MEDIUM

Drupal Pages Restriction Access <2.0.3 - Auth Bypass

CVE-2024-13291 HIGH

Drupal Basic HTTP Authentication < 7.x-1.4 - Incorrect Authorization

CVE-2024-13290 MEDIUM

Drupal OhDear Integration <2.0.4 - Info Disclosure

CVE-2024-56114 MEDIUM

Canlineapp Online 1.1 - Incorrect Authorization for Audit Template Creation

CVE-2024-13282 HIGH

Drupal Block permissions 1.0.0-1.1.x - Incorrect Authorization via Forceful Browsing

CVE-2024-13281 CRITICAL

Drupal Monster Menus <9.3.2 - Auth Bypass

CVE-2024-13278 CRITICAL

Drupal Diff <1.8.0 - Info Disclosure

CVE-2024-13277 CRITICAL

Drupal Smart IP Ban <7.X-1.1 - Auth Bypass

CVE-2024-13271 MEDIUM

Drupal Content Entity Clone <1.0.4 - Info Disclosure

CVE-2024-13270 MEDIUM

Drupal Freelinking <4.0.1 - Info Disclosure

CVE-2024-13266 MEDIUM

Drupal Responsive <4.4.4 - Forceful Browsing

CVE-2024-13258 CRITICAL

Drupal REST & JSON API Authentication < 2.0.13 - Incorrect Authorization

CVE-2024-13257 MEDIUM

Drupal Commerce View Receipt <1.0.3 - Info Disclosure

CVE-2024-13253 CRITICAL

Drupal Advanced PWA <1.5.0 - Forceful Browsing

Previous Page 46 of 123 Next

Details

Vulnerabilities 3,070

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy