Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-863

CWE-863

High likelihood

Incorrect Authorization

Parent: CWE-285 - Improper Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

3,098 vulnerabilities with CWE-863

CVE-2023-27899 HIGH

Jenkins < 2.375.4, < 2.394, 2.376-2.387.1 - Arbitrary Code Execution via Plugin Upload Temporary File

CVE-2023-22891 HIGH

SmartBear Zephyr Enterprise <= 7.15.0 - Authenticated Privilege Escalation via Password Reset

CVE-2023-27486 HIGH

xCAT < 2.16.5 - Incorrect Authorization via Zone Configuration

CVE-2023-27485 MEDIUM

thm feedbacksystem < 1.5.3 - Authenticated Incorrect Authorization in Subresults Query

CVE-2023-0328 MEDIUM

WPCode < 2.0.7 - Authenticated Inadequate Privilege Checks in AJAX Actions

CVE-2023-1164 HIGH

KylinOS < 1.3.11-23 and < 1.30.10-5.p23 - Improper Authorization in File Import

CVE-2023-26056 MEDIUM

XWiki Platform <3.0-milestone-1 - Privilege Escalation

CVE-2023-0952 MEDIUM

Devolutions Server < 2022.3.12 - Authenticated Sensitive Data Exposure via Improper Access Controls

CVE-2023-25575 HIGH

API Platform Core 2.7-2.7.9 3.0-3.0.11 - Unauthorized Data Disclosure via Security Rule Caching

CVE-2023-23510 MEDIUM

macOS < 13.2 - Unprotected User Data Exposure via Safari History Access

CVE-2023-23506 MEDIUM

macOS < 13.2 - Unprotected User Data Exposure via Permissions Issue

CVE-2023-23918 HIGH

Node.js <19.6.1, <18.14.1, <16.19.1, <14.21.3 - Privilege Escalation

CVE-2023-23064 CRITICAL

TOTOLINK A720R V4.1.5cu.532_B20210610 - Incorrect Access Control

CVE-2023-24485 HIGH

Citrix Workspace app - Privilege Escalation

CVE-2023-23947 CRITICAL

Argo CD <2.3.17, <2.4.23, <2.5.11, <2.6.2 - Privilege Escalation

CVE-2023-25173 MEDIUM

containerd < 1.5.18 - Incorrect Authorization via Supplementary Group Handling

CVE-2023-21715 HIGH KEV

Microsoft Publisher - Privilege Escalation

CVE-2023-0814 MEDIUM

Profile Builder < 3.9.0 - Authenticated Sensitive Information Exposure via User Meta Shortcode

CVE-2023-25559 HIGH

DataHub < 0.8.45 - Unauthenticated Authorization Bypass via HTTP Header Case Smuggling

CVE-2023-21424 MEDIUM

Samsung Android - Improper Authorization in SemChameleonHelper

CVE-2023-21423 MEDIUM

Samsung Android ChnFileShareKit - Improper Authorization via BLE Advertising Control

CVE-2023-21422 MEDIUM

Samsung Android - Improper Authorization in WifiService semAddPublicDnsAddr

CVE-2023-23696 HIGH

Dell Command Intel vPro Out of Band < 4.4.0 - Authenticated Arbitrary File Write

CVE-2023-24029 HIGH

WS_FTP Server <8.8 - Privilege Escalation

CVE-2023-23751 MEDIUM

Joomla! 4.0.0-4.2.4 - Incorrect Authorization in com_actionlogs

Previous Page 78 of 124 Next

Details

Vulnerabilities 3,098

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy