Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-863

CWE-863

High likelihood

Incorrect Authorization

Parent: CWE-285 - Improper Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

3,098 vulnerabilities with CWE-863

CVE-2022-1224 MEDIUM

phpipam < 1.4.6 - Improper Authorization

CVE-2022-1223 MEDIUM

phpipam < 1.4.6 - Incorrect Authorization

CVE-2022-0406 MEDIUM

GitHub janeczku/calibre-web <0.6.16 - Auth Bypass

CVE-2022-1177 MEDIUM

OpenEMR < 6.1.0 - Insufficient Access Control for Patient Reports

CVE-2022-0720 MEDIUM

Amelia WordPress <1.0.47 - Privilege Escalation

CVE-2022-24783 CRITICAL

Deno 1.18.0-1.20.2 - Unauthenticated Privilege Escalation via Permission Check Bypass

CVE-2022-24778 HIGH

imgcrypt < 1.1.4 - Incorrect Authorization via ManifestList Architecture Handling

CVE-2022-26629 CRITICAL

SoroushPlus+ Messenger <1.0.30 - Auth Bypass

CVE-2022-24730 HIGH

Argo CD <2.1.11, 2.2.6, 2.3.0 - Path Traversal

CVE-2022-0981 HIGH

Quarkus < 2.7.1 - Incorrect Authorization via RestEasy Reactive State Leak

CVE-2022-24755 HIGH

Bareos Director <21.1.0, 20.0.6, 19.2.12 - Auth Bypass

CVE-2022-24721 HIGH

CometD <5.0.11,6.0.6,7.0.6 - Info Disclosure

CVE-2022-24128 HIGH

TimescaleDB <2.5.2 - Privilege Escalation

CVE-2022-0860 CRITICAL

cobbler < 3.3.2 - Improper Authorization

CVE-2022-24609 CRITICAL

Luocms v2.0 - Incorrect Access Control via Template Management

CVE-2022-24748 MEDIUM

Shopware <6.4.8.2 - Info Disclosure

CVE-2022-0482 CRITICAL

GitHub alextselegidis/easyappointments <1.4.3 - Info Disclosure

CVE-2022-24714 MEDIUM

Icinga Web 2 < 2.8.6 - Incorrect Authorization via Role Restrictions with Decommissioned Services

CVE-2022-24306 CRITICAL

Zoho ManageEngine SharePoint Manager Plus <4329 - Privilege Escalation

CVE-2022-0829 HIGH

webmin < 1.990 - Improper Authorization

CVE-2022-0824 HIGH

webmin < 1.990 - Improper Access Control to Remote Code Execution

CVE-2022-0577 MEDIUM

scrapy < 2.6.1 - Exposure of Sensitive Information to an Unauthorized Actor

CVE-2022-0762 MEDIUM

microweber/microweber <1.3 - Info Disclosure

CVE-2022-21706 HIGH

Zulip Server 2.0.0-4.10.0 - Insufficient Access Control via Multi-Use Invitations

CVE-2022-0727 MEDIUM

GitHub chocobozzz/peertube <4.1.0 - Info Disclosure

Previous Page 89 of 124 Next

Details

Vulnerabilities 3,098

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy