Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-863

CWE-863

High likelihood

Incorrect Authorization

Parent: CWE-285 - Improper Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

3,098 vulnerabilities with CWE-863

CVE-2022-47553 HIGH

Ormazabal ekorRCI and ekorCCP Firmware - Unauthenticated Sensitive Information Exposure

CVE-2022-48538 MEDIUM

Cacti 1.2.19 - Authentication Bypass via Zero Password

CVE-2022-29871 MEDIUM

Intel Converged Security Management Engine Firmware < 11.12.94 - Authenticated Privilege Escalation via Local Access

CVE-2022-26563 HIGH

Tildeslash Monit <5.31.0 - Privilege Escalation

CVE-2022-48508 HIGH

Huawei EMUI and HarmonyOS - Inappropriate Authorization Affecting Service Integrity

CVE-2022-46080 CRITICAL

Nexxt Nebula 1200-AC <15.03.06.60 - Auth Bypass, Command Injection

CVE-2022-48495 MEDIUM

Huawei EMUI - Unauthorized Access to Foreground App Information

CVE-2022-48488 MEDIUM

Huawei EMUI - Incorrect Authorization Bypass via Default Desktop Security Controls

CVE-2022-22307 MEDIUM

IBM Security Guardium <11.6 - Privilege Escalation

CVE-2022-31646 HIGH

HP Dragonfly Folio G3 2-in-1 Firmware - Incorrect Authorization

CVE-2022-31644 HIGH

HP PC Products - RCE, Privilege Escalation, DoS, Info Disclosure

CVE-2022-40529 HIGH

Qualcomm AQT1000 Firmware - Memory Corruption via Improper Access Control in Kernel Mapping

CVE-2022-46308 HIGH

SGUDA U-Lock - Privilege Escalation

CVE-2022-46307 HIGH

SGUDA U-Lock Firmware - Incorrect Authorization in Lock Management Function

CVE-2022-45128 MEDIUM

Intel Endpoint Management Assistant < 1.9.0.0 - Authenticated Denial of Service via Local Access

CVE-2022-43465 MEDIUM

Intel Setup and Configuration Software - Authenticated Denial of Service via Local Access

CVE-2022-41610 MEDIUM

Intel(R) EMA Config Tool <1.0.4 & Intel(R) MC <2.4 - DoS

CVE-2022-47874 MEDIUM

Jedox Cloud 2020.2.5 - Authenticated Database Credential Disclosure via /tc/rpc Connections Endpoint

CVE-2022-25091 MEDIUM

Infopop Ultimate Bulletin Board <= 5.47a - Unauthenticated Private Message Disclosure via Quote Reply Feature

CVE-2022-37326 HIGH

Docker Desktop < 4.6.0 - Unauthenticated Arbitrary File Deletion via WindowsContainerStartRequest DaemonJSON pidfile

CVE-2022-25274 MEDIUM

Drupal 9.3.0-9.3.11 - Incorrect Authorization in Entity Revision Access API

CVE-2022-40682 HIGH

FortiClient 6.0.0-6.0.10, 6.2.0-6.2.9, 6.4.0-6.4.9, 7.0.0-7.0.7 - RCE via Named Pipe

CVE-2022-43770 MEDIUM

Hitachi Vantara Pentaho Business Analytics Server <9.3.0.0-8.3.0.27...

CVE-2022-43940 HIGH

Hitachi Vantara Pentaho <9.4.0.1-9.3.0.2 - Auth Bypass

CVE-2022-27642 HIGH

NETGEAR Multiple Router Firmware - Unauthenticated Incorrect Authorization via httpd String Matching

Previous Page 80 of 124 Next

Details

Vulnerabilities 3,098

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy