Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-863

CWE-863

High likelihood

Incorrect Authorization

Parent: CWE-285 - Improper Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

3,099 vulnerabilities with CWE-863

CVE-2022-0727 MEDIUM

GitHub chocobozzz/peertube <4.1.0 - Info Disclosure

CVE-2022-25335 HIGH

RigoBlock Drago < 2022-02-17 - Incorrect Authorization in setMultipleAllowances

CVE-2022-21141 CRITICAL

Airspan Mimosa Management Platform <1.0.3 & C6x/C5x/C5c <2.8.6.1 & A5x <2.5.4.1 - Incorrect Authorization

CVE-2022-0451 MEDIUM

Dart SDK < 2.16.0 - Sensitive Information Exposure via HTTPClient Cross-Origin Redirect

CVE-2022-25318 MEDIUM

Cerebrate < 1.4 - Incorrect Authorization via Sharing Group ACL

CVE-2022-0633 MEDIUM

UpdraftPlus WordPress plugin <1.22.3-2.22.3 - Info Disclosure

CVE-2022-25270 MEDIUM

Drupal 9.2.0-9.2.12 and 9.3.0-9.3.5 - Incorrect Authorization in Quick Edit Module

CVE-2022-0580 HIGH

Packagist librenms/librenms <22.2.0 - Info Disclosure

CVE-2022-0309 MEDIUM

Google Chrome < 97.0.4692.99 - Navigation Restriction Bypass via Autofill

CVE-2022-0117 MEDIUM

Google Chrome < 97.0.4692.71 - Policy Bypass via Crafted HTML Page

CVE-2022-23998 MEDIUM

Camera <11.1.02.16, <10.5.03.77, <9.0.6.68 - Info Disclosure

CVE-2022-23615 MEDIUM

XWiki Platform < 13.0 - Incorrect Authorization via Document Save with Elevated Rights

CVE-2022-23627 MEDIUM

ArchiSteamFarm 5.2.2.2-5.2.2.5 - Incorrect Authorization via Proxy Command Verification

CVE-2022-21713 MEDIUM

Grafana 5.0.0-7.5.14 - Authenticated Authorization Bypass via Team API Endpoints

CVE-2022-24307 CRITICAL

Mastodon <3.3.2, <3.4.6 - Info Disclosure

CVE-2022-0273 MEDIUM

Pypi calibreweb <0.6.16 - Info Disclosure

CVE-2022-23009 HIGH

BIG-IQ Centralized Management 8.x - Authenticated Incorrect Authorization

CVE-2022-0334 MEDIUM

Moodle <3.11.4-3.10.8-3.9.11 - Info Disclosure

CVE-2022-0333 LOW

Moodle <3.11.4-3.10.8-3.9.11 - Privilege Escalation

CVE-2022-21707 MEDIUM

wasmCloud Host Runtime < 0.52.2 - Missing Authorization for Actor Capability Claims

CVE-2022-21701 MEDIUM

Istio 1.12.0-1.12.1 - Privilege Escalation via Kubernetes Gateway API

CVE-2022-22167 HIGH

Juniper Networks Junos OS - Privilege Escalation

CVE-2022-22157 HIGH

Juniper Networks Junos OS - Privilege Escalation

CVE-2022-21678 MEDIUM

Discourse < 2.7.13 - Unauthorized Exposure of Private User Bios in Meta Tags

CVE-2022-21894 MEDIUM

Windows 10, 11, 8.1, Server 2012, and Server - Secure Boot Security Feature Bypass

Previous Page 90 of 124 Next

Details

Vulnerabilities 3,099

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy