Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-863

CWE-863

High likelihood

Incorrect Authorization

Parent: CWE-285 - Improper Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

3,088 vulnerabilities with CWE-863

CVE-2023-3920 MEDIUM

GitLab 11.2-16.2.7, 16.3-16.3.4, 16.4 - Incorrect Authorization

CVE-2023-41078 MEDIUM

macOS Sonoma <14 - Privilege Escalation

CVE-2023-35990 LOW

iPadOS < 16.7 - Unauthenticated App Enumeration via Installed App Identification

CVE-2023-4853 HIGH

Quarkus < 2.16.11 - HTTP Security Policy Bypass via Input Neutralization Flaw

CVE-2023-5009 HIGH

GitLab 13.12-16.2.6 and 16.3-16.3.3 - Incorrect Authorization via Scheduled Security Scan Policies

CVE-2023-4814 HIGH

Trellix Windows DLP - Privilege Escalation

CVE-2023-20191 MEDIUM

Cisco IOS XR < 7.7.21 - Unauthenticated Access Control Bypass via MPLS Ingress ACL Processing

CVE-2023-20190 MEDIUM

Cisco IOS XR < 7.3.5 - Unauthenticated ACL Bypass via Incorrect Destination Address Range Encoding

CVE-2023-40611 MEDIUM

Apache Airflow <2.7.1 - Privilege Escalation

CVE-2023-37881 MEDIUM

Wing FTP Server <= 7.2.0 - Privilege Escalation via Admin Web Client

CVE-2023-40309 CRITICAL

SAP CommonCryptoLib - Incorrect Authorization

CVE-2023-30995 HIGH

IBM Aspera Faspex <5.0.5 - Auth Bypass

CVE-2023-37367 MEDIUM

Samsung Exynos Mobile Processor, Automotive Processor, and Modem - Denial of Service via NAS Task Security Check Bypass

CVE-2023-38486 HIGH

Aruba 9200/9000 - Privilege Escalation

CVE-2023-20269 MEDIUM KEV

Cisco Adaptive Security Appliance Software - Authentication Bypass via Default Connection Profile

CVE-2023-32672 MEDIUM

Apache Superset <= 2.1.0 - Authenticated Incorrect Authorization in SQLLab

CVE-2023-36387 MEDIUM

Apache Superset <2.1.0 - Info Disclosure

CVE-2023-27526 MEDIUM

Apache Superset <= 2.1.0 - Authenticated Incorrect Authorization via Import Charts Feature

CVE-2023-27523 MEDIUM

Apache Superset <= 2.1.0 - Authenticated Improper Data Authorization in Jinja Templated Queries

CVE-2023-4269 MEDIUM

User Activity Log <1.6.6 - Info Disclosure

CVE-2023-3814 MEDIUM

WordPress Advanced File Manager <5.1.1 - Info Disclosure

CVE-2023-0120 LOW

GitLab <16.1.5-16.3.1 - Info Disclosure

CVE-2023-3253 MEDIUM

Nessus < 10.6.0 - Authenticated User Enumeration via Improper Authorization

CVE-2023-34724 MEDIUM

TECHView LA5570 Wireless Gateway 1.0.19_T53 - Incorrect Authorization via UART Interface

CVE-2023-4227 MEDIUM

ioLogik 4000 Series <1.6 - Privilege Escalation

Previous Page 68 of 124 Next

Details

Vulnerabilities 3,088

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy