CWE-285 (Improper Authorization) — Vulnerability Class 972

972 vulnerabilities classified as CWE-285 (Improper Authorization). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2022-33702 | SAMSUNG Mobile devices Knoxguard security vulnerability — Samsung Mobile Devices | 6.2 | Medium | 2022-07-11 |
| CVE-2022-30757 | SAMSUNG Mobile devices isemtelephony security vulnerability — Samsung Mobile Devices | 4.0 | Medium | 2022-07-11 |
| CVE-2022-30670 | Escalate Privileges to Server Admin - Robohelp Server — RoboHelp | 8.8 | - | 2022-06-16 |
| CVE-2022-30746 | Samsung mobile security vulnerability — Smart Things | 7.5 | High | 2022-06-07 |
| CVE-2022-30730 | Samsung Pass security vulnerability — Samsung Pass | 4.6 | Medium | 2022-06-07 |
| CVE-2022-30722 | Samsung Account security vulnerability — Samsung Mobile Devices | 6.2 | Medium | 2022-06-07 |
| CVE-2022-30717 | Samsung mobile security vulnerability — Samsung Mobile Devices | 4.0 | Medium | 2022-06-07 |
| CVE-2022-2019 | SourceCodester Prison Management System New User Creation improper authorization — Prison Management System | 7.3 | High | 2022-06-07 |
| CVE-2022-31025 | Invite bypasses user approval in Discourse — discourse | 2.6 | Low | 2022-06-03 |
| CVE-2022-29236 | Improper access control for pencil annotations in BigBlueButton — bigbluebutton | 4.3 | Medium | 2022-06-01 |
| CVE-2022-29234 | Grace period for lock settings in public/private chats in BigBlueButton — bigbluebutton | 4.3 | Medium | 2022-06-01 |
| CVE-2022-29233 | Improper access control for breakout rooms in BigBlue Button — bigbluebutton | 4.3 | Medium | 2022-06-01 |
| CVE-2022-26857 | Dell OpenManage Enterprise security vulnerability — OpenManage Enterprise | 9.0 | Critical | 2022-05-26 |
| CVE-2021-27772 | HCL Sametime is vulnerable to an information disclosure — Sametime | 7.1 | High | 2022-05-12 |
| CVE-2022-0027 | Cortex XSOAR: Incorrect Authorization Vulnerability When Generating Reports — Cortex XSOAR | 4.3 | Medium | 2022-05-11 |
| CVE-2021-43939 | Elcomplus SmartPtt Improper Authorization — SmartPTT | 8.8 | High | 2022-04-28 |
| CVE-2022-0993 | SiteGround Security <= 1.2.5 - Authorization Weakness to Authentication Bypass — Security Optimizer – The All-In-One Protection Plugin | 8.1 | High | 2022-04-19 |
| CVE-2022-28776 | Samsung Galaxy Store security vulnerability — Galaxy Store | 5.9 | Medium | 2022-04-11 |
| CVE-2022-1224 | Improper Authorization in phpipam/phpipam — phpipam/phpipam | 7.1 | - | 2022-04-04 |
| CVE-2022-0406 | Improper Authorization in janeczku/calibre-web — janeczku/calibre-web | 5.4 | - | 2022-04-03 |
| CVE-2022-0860 | Improper Authorization in cobbler/cobbler — cobbler/cobbler | 9.1 | - | 2022-03-11 |
| CVE-2022-0821 | Improper Authorization in orchardcms/orchardcore — orchardcms/orchardcore | 6.5 | - | 2022-03-10 |
| CVE-2022-0829 | Improper Authorization in webmin/webmin — webmin/webmin | 8.3 | - | 2022-03-02 |
| CVE-2022-21196 | Airspan Networks Mimosa Improper Authorization — MMP | 10.0 | Critical | 2022-02-18 |
| CVE-2022-0587 | Improper Authorization in librenms/librenms — librenms/librenms | 8.1 | - | 2022-02-15 |
| CVE-2022-24002 | SAMSUNG Link Sharing security vulnerability — Link sharing | 4.0 | Medium | 2022-02-11 |
| CVE-2021-42000 | Ping Identity PingFederate Password Reset and Password Change Mishandling with an authentication policy in parallel reset flows — PingFederate | 5.3 | Medium | 2022-02-10 |
| CVE-2021-44204 | Local privilege escalation via named pipe due to improper access control checks — Acronis Cyber Protect 15 | 7.8 | - | 2022-02-04 |
| CVE-2021-28500 | An issue has recently been discovered in Arista EOS where the incorrect use of EOS's AAA API’s by the OpenConfig and TerminAttr agents could result in unrestricted access to the device for local users with nopassword configuration. — Arista EOS | 9.1 | Critical | 2022-01-14 |
| CVE-2021-28506 | An issue has recently been discovered in Arista EOS where certain gNOI APIs incorrectly skip authorization and authentication which could potentially allow a factory reset of the device. — EOS | 9.1 | Critical | 2022-01-14 |

Vulnerabilities classified as CWE-285 (Improper Authorization) represent 972 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.