Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-863

CWE-863

High likelihood

Incorrect Authorization

Parent: CWE-285 - Improper Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

3,076 vulnerabilities with CWE-863

CVE-2024-48546 HIGH

Wear Sync 1.2.0 - Incorrect Authorization in Firmware Update and Download

CVE-2024-48545 HIGH

IVY Smart 4.5.0 - Incorrect Authorization in Firmware Update and Download

CVE-2024-48544 HIGH

Sylvania Smart Home <3.0.3 - Info Disclosure

CVE-2024-48542 HIGH

Yamaha Headphones Controller 1.6.7 - Info Disclosure

CVE-2024-48541 HIGH

Ruochan Smart <4.4.7 - Info Disclosure

CVE-2024-48540 MEDIUM

XIAO HE Smart 4.3.1 - Info Disclosure

CVE-2024-20482 MEDIUM

Cisco Secure Firewall Management Center - Privilege Escalation

CVE-2024-49209 MEDIUM

Archer Platform 2024.03-2024.09 - Unauthenticated Privilege Escalation via Supporting Application Files

CVE-2024-49208 MEDIUM

Archer Platform 2024.03-2024.08 - Unauthenticated Authorization Bypass via Supporting Application Files

CVE-2024-48925 NONE

Umbraco CMS 14.0.0-14.2.9 - Improper Access Control in Webhook API

CVE-2024-38002 CRITICAL

Liferay Portal/DXP - Authenticated RCE

CVE-2024-10173 HIGH

didi DDMQ 1.0 - Improper Authentication in Console Module

CVE-2024-29821 HIGH

Ivanti DSM <2024.2 - Privilege Escalation

CVE-2024-29213 HIGH

Ivanti DSM < 2024.2 - Privilege Escalation

CVE-2024-20420 MEDIUM

Cisco ATA 190 - Privilege Escalation

CVE-2024-45216 CRITICAL

Apache Solr 5.3.0-8.11.3 and 9.0.0-9.6.9 - Authentication Bypass via Fake URL Path Ending

CVE-2024-21285 HIGH

Oracle Banking Liquidity Management 14.5.0.12.0 - Incorrect Authorization in Reports

CVE-2024-21284 HIGH

Oracle Banking Liquidity Management 14.5.0.12.0 - Incorrect Authorization in Reports

CVE-2024-21283 HIGH

Oracle PeopleSoft Enterprise HCM Global Payroll Core 9.2.48-9.2.50 - Incorrect Authorization via HTTP

CVE-2024-21282 HIGH

Oracle E-Business Suite 12.2.3-12.2.13 - Incorrect Authorization in Common Components

CVE-2024-21280 HIGH

Oracle Service Contracts 12.2.5-12.2.13 - Unauthorized Data Access and Modification in Authoring Component

CVE-2024-21279 HIGH

Oracle E-Business Suite 12.2.3-12.2.13 - Authenticated Incorrect Authorization in Auctions

CVE-2024-21278 HIGH

Oracle E-Business Suite 12.2.3-12.2.13 - Unauthorized Data Access and Modification in Award Processes

CVE-2024-21277 HIGH

Oracle E-Business Suite 12.2.3-12.2.13 - Authenticated Incorrect Authorization in Device Integration

CVE-2024-21276 HIGH

Oracle E-Business Suite 12.2.3-12.2.13 - Authenticated Incorrect Authorization in Messages Component

Previous Page 51 of 124 Next

Details

Vulnerabilities 3,076

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy