
CWE-863 (Incorrect Authorization) — Vulnerability Class 1242

1242 vulnerabilities classified as CWE-863 (Incorrect Authorization). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-21479 | Incorrect Authorization in Graphics — Snapdragon | 8.6 | High | 2025-06-03 |
| CVE-2025-21480 | Incorrect Authorization in Graphics Windows — Snapdragon | 8.6 | High | 2025-06-03 |
| CVE-2025-3260 | Grafana security vulnerability — Grafana | 8.3 | High | 2025-06-02 |
| CVE-2025-20674 | MediaTek Chipsets security vulnerability — MT6890, MT6990, MT7915, MT7916, MT7981, MT7986, MT7990, MT7992, MT7993 | 9.8 (AI) | Critical (AI) | 2025-06-02 |
| CVE-2025-48948 | Navidrome Transcoding Permission Bypass Vulnerability Report — navidrome | 4.3 (AI) | Medium (AI) | 2025-05-30 |
| CVE-2024-7096 | Privilege Escalation in Multiple WSO2 Products via SOAP Admin Service Due to Business Logic Flaw — WSO2 Open Banking IAM | 4.2 | Medium | 2025-05-30 |
| CVE-2025-3611 | Improper Access Control in Mattermost allows System Managers to view team details despite role restrictions — Mattermost | 3.1 | Low | 2025-05-30 |
| CVE-2025-1792 | Improper Access Control in Mattermost Channel Member API — Mattermost | 3.1 | Low | 2025-05-30 |
| CVE-2025-48881 | Valtimo backend libraries allows objects in the object-api to be accessed and modified by unauthorized users — valtimo-backend-libraries | 8.3 | High | 2025-05-30 |
| CVE-2025-48757 | Lovable security vulnerability — Lovable | 9.3 | Critical | 2025-05-30 |
| CVE-2025-48475 | FreeScout Vulnerable to Insufficient Authorization — freescout | 5.4 (AI) | Medium (AI) | 2025-05-29 |
| CVE-2025-48474 | FreeScout Vulnerable to Insufficient Authorization — freescout | 4.3 (AI) | Medium (AI) | 2025-05-29 |
| CVE-2025-48473 | FreeScout Vulnerable to Insufficient Authorization — freescout | 3.5 (AI) | Low (AI) | 2025-05-29 |
| CVE-2025-48472 | FreeScout Vulnerable to Insufficient Authorization — freescout | 7.1 (AI) | High (AI) | 2025-05-29 |
| CVE-2025-3913 | Team Privacy Settings Authorization Bypass in Mattermost Server — Mattermost | 5.3 | Medium | 2025-05-29 |
| CVE-2025-25251 | Fortinet FortiClientMAC security vulnerability — FortiClientMac | 7.4 | High | 2025-05-28 |
| CVE-2025-25026 | IBM Security Guardium information disclosure — Security Guardium | 4.3 | Medium | 2025-05-28 |
| CVE-2025-4975 | Tapo privilege escalation on shared devices using notifications — TP-Link Tapo app | 8.8 (AI) | High (AI) | 2025-05-22 |
| CVE-2025-48373 | Schule Has Client-Side Role-Based Access Control (RBAC) Bypass Vulnerability — Schule | 7.6 (AI) | High (AI) | 2025-05-22 |
| CVE-2024-6914 | Incorrect Authorization in Multiple WSO2 Products via Account Recovery SOAP Admin Service Leading to Account Takeover — WSO2 API Manager | 8.8 | High | 2025-05-22 |
| CVE-2024-13947 | External System or Configuration Control — ASPECT-Enterprise | 6.0 | Medium | 2025-05-22 |
| CVE-2025-30171 | Admin Authorized System File Deletion — ASPECT-Enterprise | 9.0 | Critical | 2025-05-22 |
| CVE-2025-20257 | Cisco Secure Network Analytics API Authorization Vulnerability — Cisco Secure Network Analytics | 6.5 | Medium | 2025-05-21 |
| CVE-2025-1418 | Information disclosure in Proget MDM — Proget | 4.3 (AI) | Medium (AI) | 2025-05-21 |
| CVE-2025-1417 | Information disclosure in Proget MDM — Proget | 5.3 (AI) | Medium (AI) | 2025-05-21 |
| CVE-2025-1416 | Password disclosure in Proget MDM — Proget | 7.5 (AI) | High (AI) | 2025-05-21 |
| CVE-2025-1415 | Information disclosure in Proget MDM — Proget | 5.3 (AI) | Medium (AI) | 2025-05-21 |
| CVE-2025-47937 | TYPO3 Vulnerable to Information Disclosure via DBAL Restriction Handling — typo3 | 3.7 | Low | 2025-05-20 |
| CVE-2025-4101 | MultiVendorX – WooCommerce Multivendor Marketplace Solutions <= 4.2.22 - Incorrect Authorization to Authenticated (Contributor+) Arbitrary Post Deletion — MultiVendorX – WooCommerce Multivendor Marketplace Solutions | 4.3 | Medium | 2025-05-17 |
| CVE-2025-47930 | Zulip Server has access control bypass for restrictions on creation of specific channel types — zulip | 6.5 (AI) | Medium (AI) | 2025-05-15 |

Vulnerabilities classified as CWE-863 (Incorrect Authorization) represent 1242 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.