Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-863

CWE-863

High likelihood

Incorrect Authorization

Parent: CWE-285 - Improper Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

3,076 vulnerabilities with CWE-863

CVE-2024-45128 MEDIUM

Adobe Commerce <2.4.7-p2 - Auth Bypass

CVE-2024-45125 MEDIUM

Adobe Commerce <2.4.7-p2 - Auth Bypass

CVE-2024-7048 MEDIUM

open-webui v0.3.8 - Incorrect Authorization in Document API Endpoints

CVE-2024-45160 CRITICAL

LemonLDAP::NG <2.19.2 - Auth Bypass

CVE-2024-47780 LOW

TYPO3 10.0.0-10.4.45 and 13.0.0-13.3.0 - Incorrect Authorization in Backend Page Tree

CVE-2024-38425 MEDIUM

Qualcomm WSA8835 Firmware - Information Disclosure via Implicit Broadcast

CVE-2024-47183 HIGH

Parse Server <6.5.9, <7.3.0 - Privilege Escalation

CVE-2024-47616 MEDIUM

Pomerium < 0.27.1 - Incorrect Authorization via JWT Validation Bypass

CVE-2024-47560 HIGH

RevoWorks Cloud Client <3.0.91 - Info Disclosure

CVE-2024-47172 MEDIUM

CVAT < 2.19.1 - Incorrect Authorization

CVE-2024-47077 MEDIUM

authentik <2024.8.3-2024.6.5 - Info Disclosure

CVE-2024-9136 MEDIUM

Huawei EMUI and HarmonyOS - Incorrect Authorization in App Multiplier Module

CVE-2024-8974 LOW

GitLab 15.6-17.2.7, 17.3-17.3.3, 17.4-17.4.0 - Unauthenticated Private Project Path Disclosure

CVE-2024-9155 MEDIUM

Mattermost 9.5.0-9.5.8, 9.9.0-9.9.2, 9.10.0-9.10.1 - Incorrect Authorization in Channel File Access

CVE-2024-7108 CRITICAL

National Keep CyberMath < CYBM.240816253 - Incorrect Authorization

CVE-2024-20510 MEDIUM

Cisco IOS XE - Unauthenticated Access Control Bypass via Central Web Authentication

CVE-2024-47078 HIGH

meshtastic_firmware < 2.5.1 - Authentication and Authorization Bypass via MQTT Implementation

CVE-2024-6512 MEDIUM

Dovolations Server <2024.2.10 - Auth Bypass

CVE-2024-6593 CRITICAL

WatchGuard Authentication Gateway <12.10.2 - RCE

CVE-2024-6592 CRITICAL

WatchGuard Authentication Gateway and Single Sign-On Client - Authentication Bypass via Protocol Communication

CVE-2024-8606 HIGH

Checkmk <2.3.0p16, <2.2.0p34 - Auth Bypass

CVE-2024-9082 MEDIUM

SourceCodester Online Eyewear Shop 1.0 - Incorrect Privilege Assignment in User Creation Handler

CVE-2024-47060 MEDIUM

Zitadel < 2.54.10 and 2.62.0-2.62.1 - Unauthorized Access via Inactive Organization Projects

CVE-2024-47160 MEDIUM

JetBrains YouTrack <2024.3.44799 - Info Disclosure

CVE-2024-47159 MEDIUM

JetBrains YouTrack <2024.3.44799 - Privilege Escalation

Previous Page 53 of 124 Next

Details

Vulnerabilities 3,076

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy