Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-863

CWE-863

High likelihood

Incorrect Authorization

Parent: CWE-285 - Improper Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

3,088 vulnerabilities with CWE-863

CVE-2023-21225 HIGH

Android - Local Privilege Escalation via Protected Confirmation Screen Bypass

CVE-2023-22593 MEDIUM

IBM Robotic Process Automation 21.0.1-21.0.7.3 & 23.0.0-23.0.3 Privilege Escalation via Redis Misconfiguration

CVE-2023-34148 HIGH

Trend Micro Apex One/Apex One as a Service - Privilege Escalation

CVE-2023-34147 HIGH

Trend Micro Apex One/Apex One as a Service - Privilege Escalation

CVE-2023-34146 HIGH

Trend Micro Apex One/Apex One as a Service - Privilege Escalation

CVE-2023-35165 MEDIUM

AWS Cloud Development Kit 1.57.0-1.202.0 and 2.0.0-2.80.0 - Incorrect Authorization via Overly Permissive Trust Policy

CVE-2023-32353 HIGH

iTunes < 12.12.9 - Privilege Escalation

CVE-2023-3114 MEDIUM

Terraform Enterprise <202306-1 - Privilege Escalation

CVE-2023-34923 HIGH

TOPdesk 12.10.12 - Authenticated User Impersonation via SAML Response Manipulation

CVE-2023-29708 HIGH

WavLink WavRouter RPT70HA1.x - Unauthenticated Factory Reset via adm.cgi

CVE-2023-0971 CRITICAL

SiLabs Z/IP Gateway SDK < 7.18.01 - Authentication Bypass and Privilege Escalation

CVE-2023-35166 CRITICAL

XWiki 8.1-14.10.5 - Incorrect Authorization via Tip UI Extension

CVE-2023-34161 HIGH

Huawei EMUI - Incorrect Authorization in SettingsProvider Module

CVE-2023-35866 MEDIUM

KeePassXC < 2.7.5 - Unauthenticated Database Security Settings Modification

CVE-2023-25185 LOW

NOKIA Airscale ASIKA Single RAN < 21B - Improper Privilege Management

CVE-2023-29296 MEDIUM

Adobe Commerce <2.4.6 - Auth Bypass

CVE-2023-29295 MEDIUM

Adobe Commerce <2.4.6 - Auth Bypass

CVE-2023-29288 MEDIUM

Adobe Commerce <2.4.6 - Auth Bypass

CVE-2023-22248 HIGH

Adobe Commerce <2.4.6 - Auth Bypass

CVE-2023-28175 HIGH

Bosch Video Management System 11.0-11.1.1 - Authenticated Internal Network Access via SSH Port Forwarding

CVE-2023-32061 MEDIUM

Discourse < 3.0.4 - Unauthenticated Comment Hiding via iFrame Tag

CVE-2023-24546 HIGH

Arista CloudVision Portal - Info Disclosure

CVE-2023-34965 MEDIUM

SSPanel-Uim 2023.3 - Incorrect Authorization in /link/ Interface

CVE-2023-32220 HIGH

Milesight NCR/camera_firmware 71.8.0.6-r5 - Authentication Bypass

CVE-2023-32219 MEDIUM

Mazda Firmware - Unauthenticated Vehicle Unlock

Previous Page 72 of 124 Next

Details

Vulnerabilities 3,088

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy