Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-285 (授权机制不恰当) — Vulnerability Class 972

972 vulnerabilities classified as CWE-285 (授权机制不恰当). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2021-41974 Tad Book3 - Improper Authorization — Tad Book3 9.1 Critical2021-10-08
CVE-2021-41568 Tad Web - Improper Authorization — Tad Web 5.3 Medium2021-10-08
CVE-2021-41564 Tad Honor - Improper Authorization — Tad Honor 5.3 Medium2021-10-08
CVE-2021-25499 Samsung Galaxy Store 授权问题漏洞 — Galaxy Store 7.1 High2021-10-06
CVE-2021-41100 Account takeover when having only access to a user's short lived token in wire-server — wire-server 7.4 High2021-10-04
CVE-2021-41093 Account takeover when having only access to a user's short lived token — wire-ios 7.4 High2021-10-04
CVE-2021-25460 SAMSUNG SMR 安全漏洞 — Samsung Mobile Devices 4.0 Medium2021-09-09
CVE-2021-25459 SAMSUNG SMR 安全漏洞 — Samsung Mobile Devices 4.0 Medium2021-09-09
CVE-2021-3049 Cortex XSOAR: Improper Authorization of Incident Investigations Vulnerability — Cortex XSOAR 2.6 Low2021-09-08
CVE-2021-28567 Magento Commerce improper authorization allows an authenticated user to perform certain functions without permission — Magento Commerce 6.5 -2021-09-08
CVE-2021-36029 Magento Commerce Improper Authorization Vulnerability Could Lead To Remote Code Execution — Magento Commerce 9.1 Critical2021-09-01
CVE-2021-36037 Magento Commerce Improper Authorization Vulnerability Could Lead To Information Exposure — Magento Commerce 6.5 Medium2021-09-01
CVE-2021-27663 CEM Systems AC2000 — CEM Systems AC2000 8.2 High2021-08-30
CVE-2021-34434 Eclipse Mosquitto 授权问题漏洞 — Eclipse Mosquitto 4.3 -2021-08-30
CVE-2021-28626 Adobe Experience Manager Improper Authorization at /content/usergenerated — Experience Manager 3.7 Low2021-08-24
CVE-2021-3616 Lenovo Smart Camera 安全漏洞 — Smart Camera X3, X5, and C2E firmware 9.4 Critical2021-08-17
CVE-2021-37705 Improper Authorization and Origin Validation Error in OneFuzz — onefuzz 10.0 Critical2021-08-13
CVE-2021-36276 Dell DBUtilDrv2.sys 安全漏洞 — dbutil 8.8 High2021-08-09
CVE-2021-35964 Learningdigital.com, Inc. Orca HCM - Broken Authentication — Orca HCM 7.3 High2021-07-19
CVE-2021-32688 Application specific tokens can change their own scope — security-advisories 8.8 High2021-07-12
CVE-2021-1576 Cisco Business Process Automation Privilege Escalation Vulnerabilities — Cisco Business Process Automation (BPA) 8.8 High2021-07-08
CVE-2021-1574 Cisco Business Process Automation Privilege Escalation Vulnerabilities — Cisco Business Process Automation (BPA) 8.8 High2021-07-08
CVE-2021-25433 Samsung Tizen安全漏洞 — Tizen wearable devices 6.2 -2021-07-08
CVE-2021-32523 QSAN Storage Manager - Improper Authorization — Storage Manager 9.1 Critical2021-07-07
CVE-2021-28563 Magento Commerce improper Authorization via the 'Create Customer' endpoint — Magento Commerce 6.5 Medium2021-06-28
CVE-2021-3044 Cortex XSOAR: Unauthorized Usage of the REST API — Cortex XSOAR 9.8 Critical2021-06-22
CVE-2021-23140 Gallagher Command Centre Server 安全漏洞 — Command Centre 9.9 Critical2021-06-11
CVE-2021-23136 Gallagher Command Centre Server 安全漏洞 — Command Centre 6.5 Medium2021-06-11
CVE-2021-25399 Samsung Mobile Smart Manager 配置错误漏洞 — Smart Manager 7.8 -2021-06-11
CVE-2021-25417 Samsung SMR 安全漏洞 — Samsung Mobile Devices 7.5 -2021-06-11

Vulnerabilities classified as CWE-285 (授权机制不恰当) represent 972 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.