CWE-639 (Authorization Bypass Through User-Controlled Key) — Vulnerability Class 1038

1038 vulnerabilities classified as CWE-639 (Authorization Bypass Through User-Controlled Key). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2021-21324 | Insecure Direct Object Reference (IDOR) on "Solutions" — glpi | 6.8 | Medium | 2021-03-08 |
| CVE-2020-8297 | Nextcloud Deck security vulnerability — Nextcloud Deck | 4.3 | - | 2021-02-23 |
| CVE-2021-21022 | Magento Commerce Incorrect permissions Could Lead To Unauthorized Access — Magento Commerce | 5.3 | - | 2021-02-11 |
| CVE-2021-21012 | Magento Commerce Insecure Direct Object Reference Vulnerability Could Lead To Sensitive Information Disclosure — Magento Commerce | 5.3 | - | 2021-01-13 |
| CVE-2020-26068 | Cisco Telepresence CE Software and RoomOS Software Unauthorized Token Generation Vulnerability — Cisco TelePresence Endpoint Software (TC/CE) | 5.5 | Medium | 2020-11-18 |
| CVE-2020-8235 | Nextcloud security vulnerability — Nextcloud Deck app | 4.3 | - | 2020-10-05 |
| CVE-2020-16240 | GE APM Classic security vulnerability — GE Digital APM Classic | 5.3 | - | 2020-09-23 |
| CVE-2020-8154 | Nextcloud Server security vulnerability — Nextcloud Server | 6.5 | - | 2020-05-12 |
| CVE-2019-15581 | GitLab security vulnerability — GitLab EE | 5.3 | - | 2020-01-28 |
| CVE-2019-5466 | GitLab information disclosure vulnerability — GitLab CE/EE | 4.3 | - | 2020-01-28 |
| CVE-2019-15582 | GitLab information disclosure vulnerability — GitLab EE | 5.3 | - | 2020-01-28 |
| CVE-2019-5469 | GitLab security vulnerability — GitLab | 6.5 | - | 2019-12-18 |
| CVE-2017-3183 | Sage XRT Treasury, version 3, fails to properly restrict database access to authorized users, which may enable any authenticated user to gain full access to privileged database functions — XRT Treasury | 8.8 | - | 2018-07-24 |
| CVE-2017-0936 | Nextcloud Server security vulnerability — Nextcloud Server | 6.5 | - | 2018-03-28 |
| CVE-2017-0920 | GitLab Community Edition and Enterprise Edition Projects::MergeRequests::CreationsController security vulnerability — GitLab Community and Enterprise Editions | 4.3 | - | 2018-03-22 |
| CVE-2017-0922 | Gitlab Enterprise Edition GitLab Projects::BoardsController component security vulnerability — GitLab Community and Enterprise Editions | 7.5 | - | 2018-03-21 |
| CVE-2017-0882 | GitLab security vulnerability — GitLab Community Edition and GitLab Enterprise Edition 8.7.0 through 8.15.7, 8.16.0 through 8.16.7, 8.17.0 through 8.17.3 | 8.3 | - | 2017-03-28 |
| CVE-2012-5571 | Openstack keystone: openstack keystone: authorization bypass via improper ec2 token handling — Red Hat OpenStack Platform 13 (Queens) | 5.4 | Medium | 2012-12-18 |

Vulnerabilities classified as CWE-639 (Authorization Bypass Through User-Controlled Key) represent 1038 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.