Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-863

CWE-863

High likelihood

Incorrect Authorization

Parent: CWE-285 - Improper Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

3,104 vulnerabilities with CWE-863

CVE-2021-30972 MEDIUM

macOS 10.15-10.15.6 and 11.0-11.6.2 - Incorrect Authorization

CVE-2021-30925 CRITICAL

iPadOS < 15.0 - Incorrect Authorization

CVE-2021-30856 CRITICAL

macOS Big Sur <11.3 - Privilege Escalation

CVE-2021-26040 CRITICAL

Joomla! 4.0.0 - Incorrect Authorization for Media File Deletion

CVE-2021-22253 MEDIUM

GitLab EE 13.4.0-13.12.8 - Improper Authorization in Deployment Access Control

CVE-2021-22251 MEDIUM

GitLab 12.2.0-13.12.8 - Incorrect Authorization via Email Domain Validation Bypass

CVE-2021-37598 MEDIUM

WP Cerber < 8.9.3 - Unauthenticated Access Control Bypass via Trailing ? Character

CVE-2021-39138 MEDIUM

parse-server < 4.5.1 - Improper Authentication via Incorrect Session Creation

CVE-2021-0645 HIGH

Android 11 - Unauthenticated Permissions Bypass in ExternalStorageProvider

CVE-2021-32829 CRITICAL

ZStack REST API 2.2.4-3.8.21 - Authenticated Code Execution via Groovy Sandbox Bypass

CVE-2021-37705 CRITICAL

OneFuzz 2.12.0-2.31.0 - Authenticated Origin Validation Error via Multi-Tenant Domain Configuration

CVE-2021-27793 MEDIUM

Brocade Fabric OS <9.0.1b & >8.2.0 - Privilege Escalation

CVE-2021-25954 MEDIUM

Dolibarr 2.8.1-13.0.4 - Improper Access Control in Private Note Endpoint

CVE-2021-38137 HIGH

Corero SecureWatch Managed Services 9.7.2.0020 - Privilege Escalation

CVE-2021-22240 MEDIUM

GitLab 13.7.0-13.11.6 - Incorrect Authorization via Single Sign-On User Creation

CVE-2021-33335 HIGH

Liferay Portal/DXP - Privilege Escalation

CVE-2021-30571 CRITICAL

Google Chrome <92.0.4515.107 - Privilege Escalation

CVE-2021-22398 MEDIUM

Huawei Smartphones Digital Balance - Logic Error Bypass

CVE-2021-22389 CRITICAL

Huawei EMUI and Magic UI - Incorrect Authorization

CVE-2021-22521 MEDIUM

Micro Focus ZENworks <2020 Update 1 - Privilege Escalation

CVE-2021-28674 MEDIUM

SolarWinds Orion Platform < 2020.2.5 - Authenticated Node Creation and Deletion via Predictable Node IDs

CVE-2021-36091 LOW

OTRS 6.0.1-6.0.31 and 7.0.0-7.0.27 - Unauthorized Exposure of Sensitive Information via Calendar Appointment Listing

CVE-2021-36230 HIGH

HashiCorp Terraform Enterprise <v202107-1 - Privilege Escalation

CVE-2021-36758 MEDIUM

1Password Connect < 1.2 - Privilege Escalation via Secrets Automation Access Token

CVE-2021-33718 MEDIUM

Mendix <7.23.22-8.18.7-9.3.0 - Privilege Escalation

Previous Page 97 of 125 Next

Details

Vulnerabilities 3,104

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy