Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-863

CWE-863

High likelihood

Incorrect Authorization

Parent: CWE-285 - Improper Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

3,088 vulnerabilities with CWE-863

CVE-2023-26097 HIGH

Telindus Apsal <3.14.2022.235 - Privilege Escalation

CVE-2023-30544 LOW

Kiwi TCMS < 12.2 - Unauthenticated Email Address Update via My Profile Admin Page

CVE-2023-20950 HIGH

Android - Local Privilege Escalation via AlarmManagerActivity PendingIntent

CVE-2023-25548 HIGH

StruxureWare Data Center Expert < 7.9.2 - Incorrect Authorization

CVE-2023-25547 HIGH

StruxureWare Data Center Expert < 7.9.2 - Authenticated Remote Code Execution via Package Upload

CVE-2023-2020 MEDIUM

Checkmk <= 2.1.0p27 and <= 2.2.0b4 - Unauthorized Downtime Scheduling via REST API

CVE-2023-27525 LOW

Apache Superset <= 2.0.1 - Authenticated Metadata Exposure via Non-Trivial Methods

CVE-2023-30771 CRITICAL

Apache IoTDB Web Workbench 0.13.3 - Incorrect Authorization

CVE-2023-22620 HIGH

SecurePoint UTM < 12.2.5.1 - Unauthenticated Session ID Disclosure via /spcgi.cgi

CVE-2023-28270 MEDIUM

Windows 10/11 & Server 2019/2022 Lock Screen Security Bypass

CVE-2023-28249 MEDIUM

Windows Boot Manager - Security Feature Bypass via Incorrect Authorization

CVE-2023-25415 MEDIUM

Aten PE8108 2.4.232 - Unauthenticated Incorrect Access Control

CVE-2023-1417 MEDIUM

GitLab <15.9.4-15.10.1 - Info Disclosure

CVE-2023-1071 LOW

GitLab 15.5-15.8.4, 15.9-15.9.3, 15.10 - Unauthenticated Issue Removal from Epic via Improper Permissions Check

CVE-2023-0319 MEDIUM

GitLab <15.8.5-15.9.4-15.10.1 - Info Disclosure

CVE-2023-28634 HIGH

GLPI <9.5.13, <10.0.7 - Privilege Escalation

CVE-2023-1603 MEDIUM

Dovolations Server <2022.3.13 - Privilege Escalation

CVE-2023-1202 MEDIUM

Devolutions Remote Desktop Manager < 2023.1.10 - Permission Bypass via Entry ID Collision

CVE-2023-23594 CRITICAL

Sato CL4NX Plus Firmware < 1.13.3-u724_r2 - Unauthenticated Authentication Bypass

CVE-2023-26829 CRITICAL

Gladinet CentreStack <13.5.9808 - Auth Bypass

CVE-2023-22251 MEDIUM

Adobe Commerce <2.4.4-p2, <2.4.5-p1 - Info Disclosure

CVE-2023-1144 HIGH

InfraSuite Device Master < 1.0.5 - Unauthenticated Privilege Escalation via Device-Gateway Service

CVE-2023-1136 CRITICAL

InfraSuite Device Master < 1.0.5 - Unauthenticated Authentication Bypass via Token Generation

CVE-2023-25017 HIGH

RIFARTEK IOT Wall - Authenticated Incorrect Authorization

CVE-2023-21035 HIGH

Android - Incorrect Authorization in BackupHelper.java

Previous Page 76 of 124 Next

Details

Vulnerabilities 3,088

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy