Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-863

CWE-863

High likelihood

Incorrect Authorization

Parent: CWE-285 - Improper Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

3,088 vulnerabilities with CWE-863

CVE-2023-31226 HIGH

MediaPlaybackController SDK - Info Disclosure

CVE-2023-2002 MEDIUM

Linux Kernel < 6.4 - Unauthorized Bluetooth Management Command Execution via HCI Sockets

CVE-2023-1158 MEDIUM

Hitachi Vantara Pentaho Business Analytics Server < 9.4.0.1, < 9.3.0.3, 8.3.x - Incorrect Authorization

CVE-2023-31726 HIGH

AList 3.15.1 - Incorrect Access Control

CVE-2023-23304 CRITICAL

Garmin Connect IQ 2.1.0-4.1.7 - Incorrect Authorization in Toybox.SensorHistory Module

CVE-2023-23299 HIGH

Garmin Connect IQ 1.0.0-4.1.7 - Incorrect Authorization via TVM Permission Bypass

CVE-2023-27920 MEDIUM

SolarView Compact SV-CPT-MC310 and SV-CPT-MC310F < 8.10 - Authenticated System Date/Time Alteration

CVE-2023-27388 CRITICAL

Tandd Tr-71w Firmware - Incorrect Authorization

CVE-2023-27384 MEDIUM

Cybozu Garoon 5.15.0 - Authenticated Operation Restriction Bypass in MultiReport

CVE-2023-25946 HIGH

Qrio Lock (Q-SL2) Firmware < 2.0.9 - Authentication Bypass via Communication Data Analysis

CVE-2023-33254 MEDIUM

KACE Systems Deployment <9.0.146 - Info Disclosure

CVE-2023-26818 MEDIUM

Telegram 9.3.1 and 9.4.0 - Unauthenticated Incorrect Authorization via DYLD_INSERT_LIBRARIES Flag

CVE-2023-31597 MEDIUM

Zammad < 5.4.1 - Incorrect Authorization and Email Verification Bypass

CVE-2023-2782 MEDIUM

Acronis Cyber Infrastructure < 5.3.1-38 - Sensitive Information Disclosure

CVE-2023-29927 MEDIUM

Sage 300 < 2022 - Incorrect Authorization via Client-Side Role-Based Access Control Bypass

CVE-2023-21117 HIGH

Android 13 - Incorrect Authorization via Broadcast Receiver Registration

CVE-2023-21116 MEDIUM

Android - Local Privilege Escalation via InstallPackageHelper Logic Error

CVE-2023-23446 HIGH

SICK FTMg AIR FLOW SENSOR Firmware < 2.0 - Unauthenticated Arbitrary File Read via REST Interface

CVE-2023-23445 HIGH

SICK FTMg AIR FLOW SENSOR Firmware < 2.0 - Unauthenticated Improper Access Control via REST Interface

CVE-2023-20880 MEDIUM

VMware Aria Operations 8.6.0-8.11.0 - Privilege Escalation to Root

CVE-2023-20877 HIGH

VMware Aria Operations - Authenticated Privilege Escalation via Code Execution

CVE-2023-29819 MEDIUM

Webroot SecureAnywhere < 9.0.33.39 - Privilege Escalation via Crafted Payload

CVE-2023-29818 MEDIUM

Webroot SecureAnywhere < 9.0.33.39 - Incorrect Authorization via Default Allowlist Feature

CVE-2023-2515 MEDIUM

Mattermost < 7.1.8 - Incorrect Authorization via Personal Access Token Creation

CVE-2023-28357 MEDIUM

Rocket.Chat < 6.0.0 - Authenticated Private Channel Member Enumeration via Slash Command /mute

Previous Page 74 of 124 Next

Details

Vulnerabilities 3,088

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy