Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-863

CWE-863

High likelihood

Incorrect Authorization

Parent: CWE-285 - Improper Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

3,088 vulnerabilities with CWE-863

CVE-2023-28325 MEDIUM

Rocket.Chat < 6.0.0 - Improper Authorization via rid Parameter Manipulation

CVE-2023-24932 MEDIUM

Windows 10 1507-22H2 and Windows 11 21H2-22H2 - Secure Boot Security Feature Bypass

CVE-2023-32069 CRITICAL

XWiki 3.3-milestone-2-14.10.3 - Incorrect Authorization

CVE-2023-32060 MEDIUM

DHIS2 2.35.0-2.36.12 - Improper Access Control in Tracked Entity and Events API Endpoints

CVE-2023-31138 HIGH

DHIS2 Core <2.37.9.1-2.39.1.2 - Privilege Escalation

CVE-2023-31141 MEDIUM

OpenSearch <1.3.10-2.7.0 - Info Disclosure

CVE-2023-24505 MEDIUM

Milesight NCR/camera <71.8.0.6-r5 - Info Disclosure

CVE-2023-27954 MEDIUM

Safari < 16.4 - Incorrect Authorization via Origin Information Leak

CVE-2023-27951 MEDIUM

macOS < 11.7.5 - Gatekeeper Bypass via Archive Handling

CVE-2023-23538 MEDIUM

macOS < 12.6.4 - Unprotected User Data Exposure via Path Handling Issue

CVE-2023-30840 MEDIUM

Fluid 0.7.0-0.8.5 - Incorrect Authorization via CSI Node Plugin

CVE-2023-1979 MEDIUM

Web Stories for WordPress - Privilege Escalation

CVE-2023-2534 HIGH

OTRS 8.0.0-8.0.31 - Authenticated Improper Authorization via Websocket API

CVE-2023-29240 MEDIUM

F5 BIG-IQ Centralized Management 8.0.0-8.2.0 - Authenticated Arbitrary File Upload via iControl REST Endpoint

CVE-2023-31435 HIGH

evasys <8.2.2286 & <9.0.2401 - Info Disclosure

CVE-2023-30024 MEDIUM

magicJack A921 Firmware - Unauthenticated Arbitrary Code Execution via Hidden NAND Flash Partition

CVE-2023-30467 HIGH

Milesight 4K/H.265 Series NVR Firmware < 73.9.0.18-r2 - Improper Authorization

CVE-2023-26246 HIGH

Hyundai Gen5W_L - Privilege Escalation

CVE-2023-26245 HIGH

Hyundai Gen5W_L - Privilege Escalation

CVE-2023-26244 HIGH

Hyundai Gen5W_L - Privilege Escalation

CVE-2023-27107 HIGH

MyQ Solution Print Server <8.2.32 - Info Disclosure

CVE-2023-31250 MEDIUM

Drupal 7.0-7.95 and 10.0.0-10.0.7 - Incorrect Authorization in File Download Facility

CVE-2023-24512 HIGH

Arista EOS 4.26.0-4.26.10m - Authenticated Arbitrary Configuration Update via gNMI Request

CVE-2023-20871 HIGH

VMware Fusion 13.0.0-13.0.1 - Local Privilege Escalation

CVE-2023-2257 HIGH

Devolutions Workspace < 2023.1.1.4 - Authentication Bypass via Unimplemented Force Login Feature

Previous Page 75 of 124 Next

Details

Vulnerabilities 3,088

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy