Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-863

CWE-863

High likelihood

Incorrect Authorization

Parent: CWE-285 - Improper Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

3,098 vulnerabilities with CWE-863

CVE-2022-36009 MEDIUM

gomatrixserverlib - Info Disclosure

CVE-2022-1401 MEDIUM

Device42 CMDB < 18.01.00 - Unauthenticated Sensitive File Read via Exago Image Resource Endpoint

CVE-2022-34255 HIGH

Adobe Commerce <2.4.3-p2, 2.3.7-p3, 2.4.4 - Privilege Escalation

CVE-2022-2354 HIGH

WP-DBManager <2.80.8 - Command Injection

CVE-2022-35487 HIGH

Zammad 5.2.0 - Unauthenticated Incorrect Access Control in Attachment Endpoints

CVE-2022-33718 MEDIUM

Wi-Fi Service <SMR AUG-2022 Release 1 - Info Disclosure

CVE-2022-2501 MEDIUM

GitLab EE <15.0.5-15.2.1 - Auth Bypass

CVE-2022-2326 MEDIUM

GitLab CE/EE <15.0.5, <15.1.4, <15.2.1 - Info Disclosure

CVE-2022-2095 MEDIUM

GitLab 13.7-15.0.4, 15.1-15.1.3, 15.2 - Authenticated Deploy Key Information Disclosure

CVE-2022-27551 MEDIUM

HCL Launch 7.0.0.0-7.0.5.11 - Authenticated Sensitive Information Exposure via Improper Security Checking

CVE-2022-35924 CRITICAL

NextAuth.js <4.10.3, 3.29.10 - Info Disclosure

CVE-2022-35921 LOW

fof/byobu 0.3.0-beta.2-1.1.6 - Improper Privilege Management

CVE-2022-31190 MEDIUM

DSpace 4.0-6.3 - Exposure of Sensitive Information via XMLUI mets.xml

CVE-2022-31178 MEDIUM

elabftw < 4.3.4 - Authenticated Incorrect Authorization

CVE-2022-31155 MEDIUM

Sourcegraph <3.41.0 - Info Disclosure

CVE-2022-31154 MEDIUM

Sourcegraph <3.42 - Privilege Escalation

CVE-2022-35716 MEDIUM

IBM UrbanCode Deploy <7.2.3.0 - Info Disclosure

CVE-2022-22326 LOW

IBM Datapower Gateway - Info Disclosure

CVE-2022-1499 MEDIUM

Google Chrome < 101.0.4951.41 - Same Origin Policy Bypass via WebAuthentication

CVE-2022-1309 CRITICAL

Google Chrome < 100.0.4896.88 - Sandbox Escape via Developer Tools Policy Bypass

CVE-2022-0670 CRITICAL

Openstack manilla - Info Disclosure

CVE-2022-0594 MEDIUM

shareaholic < 9.7.6 - Unauthenticated Information Disclosure via AJAX Action

CVE-2022-1132 MEDIUM

Google Chrome < 100.0.4896.60 - Incorrect Authorization via Virtual Keyboard

CVE-2022-31168 MEDIUM

Zulip Server <5.5 - Privilege Escalation

CVE-2022-34046 HIGH

Wavlink WN533A8 M33A8.V5030.190716 - Info Disclosure

Previous Page 85 of 124 Next

Details

Vulnerabilities 3,098

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy