Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-285 (授权机制不恰当) — Vulnerability Class 972

972 vulnerabilities classified as CWE-285 (授权机制不恰当). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2022-32169 bytebase - Improper Authorization — bytebase 4.3 -2022-09-28
CVE-2022-32170 bytebase - Improper Authorization — bytebase 4.3 -2022-09-28
CVE-2022-29490 A vulnerability exists in the Workplace X WebUI in which an authenticated user is able to execute any MicroSCADA internal scripts irrespective of the authenticated user's role. — MicroSCADA X SYS600 8.5 High2022-09-12
CVE-2022-36857 SAMSUNG Mobile devices 安全漏洞 — Samsung Mobile Devices 1.9 Low2022-09-09
CVE-2022-36852 SAMSUNG Mobile devices 安全漏洞 — Samsung Mobile Devices 1.9 Low2022-09-09
CVE-2022-36848 SAMSUNG Mobile devices 安全漏洞 — Samsung Mobile Devices 5.1 Medium2022-09-09
CVE-2022-36872 SAMSUNG Mobile devices 安全漏洞 — Samsung Pay 5.0 Medium2022-09-09
CVE-2022-36870 SAMSUNG Mobile devices 安全漏洞 — Samsung Pay 5.0 Medium2022-09-09
CVE-2022-36871 SAMSUNG Mobile devices 安全漏洞 — Samsung Pay 5.0 Medium2022-09-09
CVE-2022-36876 SAMSUNG Mobile devices 安全漏洞 — Samsung Pass 1.8 Low2022-09-09
CVE-2022-36090 org.xwiki.platform:xwiki-platform-oldcore Improper Authorization check for inactive users — xwiki-platform 8.1 High2022-09-08
CVE-2022-31167 XWiki Platform Security Parent POM vulnerable to overwriting of security rules of a page with a final page having the same reference — xwiki-platform 7.1 High2022-09-07
CVE-2022-31247 Rancher: Downstream cluster privilege escalation through cluster and project role template binding (CRTB/PRTB) — Rancher 9.1 Critical2022-09-07
CVE-2022-2901 Improper Authorization in chatwoot/chatwoot — chatwoot/chatwoot 5.4 -2022-09-06
CVE-2022-20921 Cisco ACI Multi-Site Orchestrator Privilege Escalation Vulnerability — Cisco ACI Multi-Site Orchestrator Software 8.8 High2022-08-25
CVE-2022-2661 Sequi PortBloque S Improper Authorization — PortBloque S 9.9 Critical2022-08-16
CVE-2022-34256 Adobe Commerce Improper Authorization Privilege escalation — Magento Commerce 7.5 High2022-08-16
CVE-2022-31609 NVIDIA vGPU Software 安全漏洞 — NVIDIA Virtual GPU Software and NVIDIA Cloud Gaming 7.8 High2022-08-05
CVE-2022-2675 Unitree Go 1 "Robot Dog" Unauthenticated Remote Power Down — Go 1 6.5 -2022-08-05
CVE-2022-33722 SAMSUNG Mobile devices 安全漏洞 — Samsung Mobile Devices 4.0 Medium2022-08-05
CVE-2022-36837 SAMSUNG Email 安全漏洞 — Samsung email 6.2 Medium2022-08-05
CVE-2022-36838 SAMSUNG Mobile devices 安全漏洞 — Galaxy Wearable 4.0 Medium2022-08-05
CVE-2022-2595 Improper Authorization in kromitgmbh/titra — kromitgmbh/titra 8.8 -2022-08-01
CVE-2022-26310 Improper Authorization in User Management to Vertical Privilege Escalation — Pandora FMS 7.3 High2022-08-01
CVE-2022-24083 Pegasystem Pega 安全漏洞 — Pega Infinity 8.4 -2022-07-25
CVE-2022-31168 Zulip Server insufficient authorization for changing bot roles — zulip 5.4 Medium2022-07-22
CVE-2022-2393 pki-core 安全漏洞 — pki-core 5.7 -2022-07-14
CVE-2022-33705 SAMSUNG Calendar 安全漏洞 — Calendar 3.3 -2022-07-11
CVE-2022-33713 SAMSUNG Cloud 安全漏洞 — Samsung Cloud 6.2 -2022-07-11
CVE-2022-33712 SAMSUNG Mobile devices 输入验证错误漏洞 — Camera 3.3 -2022-07-11

Vulnerabilities classified as CWE-285 (授权机制不恰当) represent 972 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.