Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-863

CWE-863

High likelihood

Incorrect Authorization

Parent: CWE-285 - Improper Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

3,098 vulnerabilities with CWE-863

CVE-2022-20558 LOW

Android 13 - Incorrect Authorization in DeviceCapabilityListener

CVE-2022-41962 LOW

BigBlueButton < 2.4-rc-6 and 2.5-alpha-1 - Authenticated Incorrect Authorization in Emoji Status Feature

CVE-2022-23741 HIGH

GitHub Enterprise Server < 3.3.17 - Incorrect Authorization via Scoped User-to-Server Token

CVE-2022-46160 MEDIUM

Tuleap <14.2.99.104 - Info Disclosure

CVE-2022-23473 MEDIUM

Tuleap < 14.2.99.148 - Incorrect Authorization in MediaWiki Standalone Plugin

CVE-2022-41274 MEDIUM

SAP Disclosure Mgmt <10.1 - Info Disclosure

CVE-2022-3883 MEDIUM

stopbadbots < 7.24 - Authenticated Arbitrary Plugin Installation via AJAX Action

CVE-2022-3882 MEDIUM

wp-memory < 2.46 - Authenticated Arbitrary Plugin Installation via CSRF

CVE-2022-3881 MEDIUM

WP Tools Increase Maximum Limits, Repair, Server PHP Info, Javascri...

CVE-2022-3880 MEDIUM

antihacker < 4.20 - Authenticated Plugin Installation via AJAX Action

CVE-2022-3879 MEDIUM

Car Dealer WordPress Plugin < 3.05 - Authenticated Arbitrary Plugin Installation via AJAX Action

CVE-2022-45956 MEDIUM

Boa 0.94.13-0.94.14 - Authentication Bypass via HEAD HTTP Method

CVE-2022-45760 HIGH

SENS v1.0 - Incorrect Access Control

CVE-2022-4397 MEDIUM

zend-blog-2 - Cross-Site Request Forgery in Comment Handler

CVE-2022-39914 MEDIUM

Android < 13.0 - Unauthorized Sensitive Information Exposure via DisplayManagerService

CVE-2022-39913 MEDIUM

Android < 13.0 - Exposure of Sensitive Information via Persona Manager

CVE-2022-39903 MEDIUM

Android - Exposure of Sensitive Information via RCS Call Access Control

CVE-2022-4349 MEDIUM

CTF-hacker pwn - Cross-Site Request Forgery in delete.html

CVE-2022-46792 HIGH

Hasura GraphQL Engine <2.15.2 - Info Disclosure

CVE-2022-46169 CRITICAL KEV

Cacti 1.2.22 unauthenticated command injection

CVE-2022-44039 CRITICAL

Franklin Fueling System FFS Colibri 1.9.22.8925 - Privilege Escalation

CVE-2022-43515 MEDIUM

Zabbix Frontend 4.0.0-4.0.43 - Unauthenticated IP Restriction Bypass

CVE-2022-46167 HIGH

Capsule <0.1.3 - Privilege Escalation

CVE-2022-41970 LOW

Nextcloud Server < 24.0.7 and 25.0.1 - Improper Access Control via Preview Image Download

CVE-2022-24189 MEDIUM

Ourphoto 1.4.1 - Incorrect Authorization via Missing User Token

Previous Page 82 of 124 Next

Details

Vulnerabilities 3,098

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy