Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-863

CWE-863

High likelihood

Incorrect Authorization

Parent: CWE-285 - Improper Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

3,070 vulnerabilities with CWE-863

CVE-2024-45204 MEDIUM

Veeam Backup & Replication 12.0.0.1402-12.3.0.310 - Incorrect Authorization Leading to NTLM Hash Exposure

CVE-2024-42452 HIGH

Veeam Backup & Replication - Privilege Escalation

CVE-2024-42451 MEDIUM

Veeam Backup & Replication - Info Disclosure

CVE-2024-45106 HIGH

Apache Ozone 1.4.0 - Authenticated S3 Secret Manipulation via HTTP Endpoint

CVE-2024-53937 HIGH

Victure RX1800 WiFi 6 Router EN_V1.0.0_r12_110933 - RCE

CVE-2024-53941 HIGH

Victure RX1800 WiFi 6 Router EN_1.0.0_r12_110933 - Info Disclosure

CVE-2024-52732 CRITICAL

wms-Warehouse management system-zeqp <2.20.9.1 - Info Disclosure

CVE-2024-36611 HIGH

symfony/security-http < 7.1.0 - Incorrect Authorization via Empty Username or Password

CVE-2024-48651 HIGH

ProFTPD < 1.3.8b - Privilege Escalation via mod_sql

CVE-2024-54124 HIGH

Click Studios Passwordstate <build 9920 - Privilege Escalation

CVE-2024-11669 MEDIUM

GitLab CE/EE <17.4.5-17.6.1 - Info Disclosure

CVE-2024-50671 MEDIUM

Adapt Learning Adapt Authoring Tool <= 0.11.3 - Info Disclosure

CVE-2024-7915 HIGH

Sensei Mac Cleaner - Privilege Escalation

CVE-2024-11672 MEDIUM

Drevolutions Remote Desktop Manager <2024.2.21 - Auth Bypass

CVE-2024-11670 MEDIUM

Drevolutions Remote Desktop Manager <2024.2.21 - Auth Bypass

CVE-2024-11176 MEDIUM

M-Files Aino <24.10 - Info Disclosure

CVE-2024-21287 HIGH KEV

Oracle Agile PLM Framework 9.3.6 - Unauthenticated Incorrect Authorization in Software Development Kit

CVE-2024-52584 MEDIUM

Autolab 3.0.1 - Incorrect Authorization via Submission ID Endpoint

CVE-2024-48901 MEDIUM

Moodle < 4.1.14 - Improper Authorization in Report Schedule Access

CVE-2024-48897 MEDIUM

Moodle < 4.1.14 - Improper Authorization in RSS Feed Management

CVE-2024-52518 MEDIUM

Nextcloud Server 28.0.0-28.0.11 - Authenticated External Storage Manipulation

CVE-2024-50650 HIGH

python_book 1.0 - Incorrect Authorization via ID Parameter

CVE-2024-50647 HIGH

python_food 1.0 - Unauthenticated Sensitive Information Exposure via User Info API

CVE-2024-31695 CRITICAL

Binance: BTC, Crypto and NFTS <v2.85.4 - Auth Bypass

CVE-2024-3379 HIGH

lunary-ai/lunary <1.2.7 - Info Disclosure

Previous Page 48 of 123 Next

Details

Vulnerabilities 3,070

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy