Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-863

CWE-863

High likelihood

Incorrect Authorization

Parent: CWE-285 - Improper Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

3,076 vulnerabilities with CWE-863

CVE-2024-44162 HIGH

Xcode < 16.0 - Unauthorized Keychain Access

CVE-2024-40843 MEDIUM

macOS Sequoia <15 - Info Disclosure

CVE-2024-40770 HIGH

macOS Sequoia <15 - Privilege Escalation

CVE-2024-46918 MEDIUM

MISP < 2.4.198 - Incorrect Authorization in UserLoginProfilesController

CVE-2024-2743 MEDIUM

GitLab 13.3-17.1.6, 17.2-17.2.4, 17.3-17.3.1 - Incorrect Authorization in On-Demand DAST Scan

CVE-2024-8691 HIGH

Palo Alto Networks PAN-OS - Privilege Escalation

CVE-2024-4465 MEDIUM

Guardian/CMC - Privilege Escalation

CVE-2024-44667 HIGH

Shenzhen Haichangxing Technology Co., Ltd HCX H822 4G LTE Router M7...

CVE-2024-42423 MEDIUM

Citrix Workspace App <23.9.0.24.4 - Auth Bypass

CVE-2024-6979 MEDIUM

AXIS OS 2024 11.11.0-11.11.94 - Incorrect Authorization

CVE-2024-44114 LOW

SAP NetWeaver Application Server ABAP - Unauthorized Data Exposure via High Privilege Program Execution

CVE-2024-8601 MEDIUM

TechExcel Back Office Software <1.0.0 - Info Disclosure

CVE-2024-34652 MEDIUM

Samsung Android - Incorrect Authorization in kperfmon

CVE-2024-34651 MEDIUM

Samsung Android My Files - Incorrect Authorization

CVE-2024-34650 MEDIUM

Samsung Android - Incorrect Authorization in CocktailbarService

CVE-2024-34642 MEDIUM

Samsung Android One UI Home - Incorrect Authorization

CVE-2024-45588 HIGH

Symphony XTS Web Trading Platform 2.0.0.1_P160 - Authenticated Incorrect Authorization in Preference Module API

CVE-2024-45587 HIGH

Symphony XTS Web Trading Platform 2.0.0.1_P160 - Authenticated Incorrect Authorization in Transaction Module API

CVE-2024-45586 HIGH

Symphony XTS Web/Mobile Trading 2.0.0.1_P160 - Account Takeover via API Parameter Manipulation

CVE-2024-45509 MEDIUM

MISP < 2.4.197 - Improper Access Control in BookmarksController

CVE-2024-38868 HIGH

ManageEngine Endpoint Central < 11.3.2400.15 - Incorrect Authorization during Device Isolation

CVE-2024-41964 HIGH

Kirby < 3.6.6.6 - Incorrect Authorization in Language Management

CVE-2024-43954 MEDIUM

Themeum Droip <= 1.1.1 - Incorrect Authorization

CVE-2024-45043 MEDIUM

OpenTelemetry Collector - Unauthenticated RCE

CVE-2024-45037 MEDIUM

AWS Cloud Development Kit 2.142.0-2.148.0 - Incorrect Authorization via RestApi Construct with CognitoUserPoolAuthorizer

Previous Page 54 of 124 Next

Details

Vulnerabilities 3,076

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy