Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-863

CWE-863

High likelihood

Incorrect Authorization

Parent: CWE-285 - Improper Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

3,088 vulnerabilities with CWE-863

CVE-2023-36092 CRITICAL

D-Link DIR-859 FW105b03 - Privilege Escalation

CVE-2023-36091 CRITICAL

D-Link DIR-895 FW102b07 - Privilege Escalation

CVE-2023-36090 CRITICAL

D-Link DIR-885L FW102b01 - Privilege Escalation

CVE-2023-36089 CRITICAL

D-Link DIR-645 <1.03 - Privilege Escalation

CVE-2023-38488 HIGH

Kirby <3.5.8.3, 3.6.6.3, 3.7.5.2, 3.8.4.1, 3.9.6 - Field Injection

CVE-2023-3957 MEDIUM

ACF Photo Gallery Field <= 1.9 - Authenticated Arbitrary User Meta Update via apg_profile_update

CVE-2023-35983 MEDIUM

macOS 11.0-11.7.8 - Unprotected File System Modification

CVE-2023-39154 MEDIUM

Jenkins Qualys Web App Scanning Connector < 2.0.10 - Incorrect Authorization via URL Connection

CVE-2023-32629 HIGH

Ubuntu Linux - Local Privilege Escalation via OverlayFS Permission Check Bypass

CVE-2023-2640 HIGH

GameOver(lay) Privilege Escalation and Container Escape

CVE-2023-38503 MEDIUM

Directus 10.3.0-10.5.0 - Unauthorized Data Exposure via GraphQL Subscription Permission Bypass

CVE-2023-38493 HIGH

Armeria < 1.24.3 - Incorrect Authorization via Matrix Variable Bypass

CVE-2023-36826 HIGH

Sentry 8.21.0-23.5.2 - Authenticated Improper Authorization via Debug/Artifact Bundle Download

CVE-2023-38058 MEDIUM

OTRS 8.0.0-8.0.34 - Authenticated Improper Privilege Management in Ticket Move Action

CVE-2023-36339 HIGH

WebBoss.io CMS <3.7.0.1 - Info Disclosure

CVE-2023-3484 HIGH

GitLab 12.8.0-15.11.10, 16.0.0-16.0.6, 16.1.0-16.1.1 - Incorrect Authorization

CVE-2023-32482 MEDIUM

Dell Wyse Management Suite < 4.0 - Authenticated Improper Authorization

CVE-2023-32261 MEDIUM

Micro Focus Dimensions CM Plugin for Jenkins < 0.9.3.1 - Credential ID Enumeration via Overall/Read Permission

CVE-2023-34035 HIGH

Spring Security <5.8.5,6.0.5,6.1.2 - Info Disclosure

CVE-2023-3459 HIGH

WordPress Export & Import Users/Cust <2.4.1 - Info Disclosure

CVE-2023-3613 LOW

Mattermost WelcomeBot - Privilege Escalation

CVE-2023-3590 LOW

Mattermost 7.10.0-7.10.2 - Incorrect Authorization in Boards Card Attachment Deletion

CVE-2023-3586 MEDIUM

Mattermost 7.8.0-7.8.6 - Incorrect Authorization via Public Boards Configuration

CVE-2023-3584 LOW

Mattermost 7.8.0-7.8.4 - Authenticated Incorrect Authorization via Team Override Scheme ID

CVE-2023-3582 MEDIUM

Mattermost 7.8.0-7.8.6 - Authenticated Incorrect Authorization via Board Channel Linking

Previous Page 70 of 124 Next

Details

Vulnerabilities 3,088

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy