Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-863

CWE-863

High likelihood

Incorrect Authorization

Parent: CWE-285 - Improper Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

3,070 vulnerabilities with CWE-863

CVE-2024-44287 MEDIUM

macOS < 13.7.1, < 14.7.1, < 15.1 - Unauthorized File System Modification

CVE-2024-44270 HIGH

macOS < 13.7.1, < 14.7.1, < 15.1 - Sandbox Restriction Bypass via Logic Issue

CVE-2024-44253 MEDIUM

macOS < 13.7.1, < 14.7.1, < 15.1 - Unauthorized File System Modification

CVE-2024-44247 MEDIUM

macOS < 13.7.1, < 14.7.1, < 15.1 - Unauthorized File System Modification

CVE-2024-44196 MEDIUM

macOS < 13.7.1, < 14.7.1, < 15.1 - Unauthorized File System Modification

CVE-2024-44137 MEDIUM

macOS < 13.7.1, < 14.7.1, < 15 - Unauthenticated Lock Screen Data Exposure

CVE-2024-40855 MEDIUM

macOS < 13.7.1, < 14.7.1, < 15 and visionOS < 2 - Unprotected User Data Exposure via Sandbox Bypass

CVE-2024-9825 MEDIUM

Chef Habitat <10315/20240913162802 - IDOR

CVE-2024-48936 MEDIUM

Slurm < 24.05.4 - Incorrect Authorization via Step Manager

CVE-2024-48237 CRITICAL

WTCMS 1.0 - Incorrect Access Control in HomebaseController

CVE-2024-49376 HIGH

Autolab <3.0.0 - Privilege Escalation

CVE-2024-47025 MEDIUM

Android - Local Information Disclosure via drm_fw.c ppmp_protect_buf Logic Error

CVE-2024-44099 MEDIUM

Android - Local Information Disclosure via Insecure Default Value

CVE-2024-41617 CRITICAL

Money Manager EX WebApp 1.2.2 - RCE

CVE-2024-45261 HIGH

GL-iNet devices <4.6.2 - Privilege Escalation

CVE-2024-45260 HIGH

GL-iNet <4.6.2 - Privilege Escalation

CVE-2024-10295 HIGH

Red Hat 3scale API Management Platform 2 - Unauthenticated Authentication Bypass via Malformed Basic Auth Header

CVE-2024-48548 CRITICAL

Cloud Smart Lock 2.0.1 - Incorrect Authorization via Device Binding API

CVE-2024-48547 HIGH

DreamCatcher Life <1.8.7 - Info Disclosure

CVE-2024-48546 HIGH

Wear Sync 1.2.0 - Incorrect Authorization in Firmware Update and Download

CVE-2024-48545 HIGH

IVY Smart 4.5.0 - Incorrect Authorization in Firmware Update and Download

CVE-2024-48544 HIGH

Sylvania Smart Home <3.0.3 - Info Disclosure

CVE-2024-48542 HIGH

Yamaha Headphones Controller 1.6.7 - Info Disclosure

CVE-2024-48541 HIGH

Ruochan Smart <4.4.7 - Info Disclosure

CVE-2024-48540 MEDIUM

XIAO HE Smart 4.3.1 - Info Disclosure

Previous Page 50 of 123 Next

Details

Vulnerabilities 3,070

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy