CWE-863 (Incorrect Authorization) — Vulnerability Class 1242

1242 vulnerabilities classified as CWE-863 (Incorrect Authorization). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-26511 | Cassandra-Lucene-Index allows bypass of Cassandra RBAC — Instaclustr fork of Stratio's Cassandra-Lucene-Index plugin | 8.8 | High | 2025-02-13 |
| CVE-2025-0937 | Nomad Vulnerable To Event Stream Namespace ACL Policy Bypass Through Wildcard Namespace — Nomad | 7.1 | High | 2025-02-12 |
| CVE-2025-0516 | Incorrect Authorization in GitLab — GitLab | 4.3 | Medium | 2025-02-12 |
| CVE-2025-24437 | Adobe Commerce \| Incorrect Authorization (CWE-863) — Adobe Commerce | 5.4 | Medium | 2025-02-11 |
| CVE-2025-24434 | Adobe Commerce \| Incorrect Authorization (CWE-863) — Adobe Commerce | 9.1 | Critical | 2025-02-11 |
| CVE-2025-24420 | Adobe Commerce \| Incorrect Authorization (CWE-863) — Adobe Commerce | 4.3 | Medium | 2025-02-11 |
| CVE-2025-24419 | Adobe Commerce \| Incorrect Authorization (CWE-863) — Adobe Commerce | 4.3 | Medium | 2025-02-11 |
| CVE-2025-24436 | Adobe Commerce \| Incorrect Authorization (CWE-863) — Adobe Commerce | 4.3 | Medium | 2025-02-11 |
| CVE-2025-24407 | Adobe Commerce \| Incorrect Authorization (CWE-863) — Adobe Commerce | 7.1 | High | 2025-02-11 |
| CVE-2025-24409 | Adobe Commerce \| Incorrect Authorization (CWE-863) — Adobe Commerce | 8.2 | High | 2025-02-11 |
| CVE-2025-24421 | Adobe Commerce \| Incorrect Authorization (CWE-863) — Adobe Commerce | 4.3 | Medium | 2025-02-11 |
| CVE-2025-24872 | Missing Authorization check in SAP ABAP Platform (ABAP Build Framework) — SAP ABAP Platform (ABAP Build Framework) | 4.3 | Medium | 2025-02-11 |
| CVE-2025-24869 | Information Disclosure vulnerability in SAP NetWeaver Application Server Java — SAP NetWeaver Application Server Java | 4.3 | Medium | 2025-02-11 |
| CVE-2021-41528 | Improper authorization related to Import / Export interfaces on RISC Platform — RISC Platform | 8.8 | - | 2025-02-07 |
| CVE-2025-23419 | TLS Session Resumption Vulnerability — NGINX Open Source | 4.3 | Medium | 2025-02-05 |
| CVE-2025-24860 | Apache Cassandra: CassandraNetworkAuthorizer and CassandraCIDRAuthorizer can be bypassed allowing access to different network regions — Apache Cassandra | 6.5 | - | 2025-02-04 |
| CVE-2024-23929 | Pioneer DMH-WT7600NEX Telematics Directory Traversal — DMH-WT7600NEX | 7.3 | High | 2025-01-31 |
| CVE-2024-41140 | Improper Authorization — Applications Manager | 8.1 | High | 2025-01-29 |
| CVE-2025-24479 | FactoryTalk® View Machine Edition - Local Code Injection — FactoryTalk View Machine Edition | 7.8 | - | 2025-01-28 |
| CVE-2025-0781 | Incorrect Authorization in SimGear — SimGear | 8.6 | High | 2025-01-28 |
| CVE-2024-22316 | IBM Sterling File Gateway improper access control — Sterling File Gateway | 4.3 | Medium | 2025-01-27 |
| CVE-2023-50946 | IBM Common Licensing information disclosure — Common Licensing | 6.5 | Medium | 2025-01-26 |
| CVE-2025-24460 | JetBrains TeamCity security vulnerability — TeamCity | 4.3 | Medium | 2025-01-21 |
| CVE-2025-0580 | Shiprocket Module REST API Module rest_api authorization — Shiprocket Module | 5.6 | Medium | 2025-01-20 |
| CVE-2025-21403 | On-Premises Data Gateway Information Disclosure Vulnerability — On-Premises Data Gateway | 6.4 | Medium | 2025-01-14 |
| CVE-2024-13302 | Pages Restriction Access - Critical - Access bypass - SA-CONTRIB-2024-068 — Pages Restriction Access | 7.5 | - | 2025-01-09 |
| CVE-2024-13291 | Basic HTTP Authentication - Critical - Access bypass - SA-CONTRIB-2024-057 — Basic HTTP Authentication | - | - | 2025-01-09 |
| CVE-2024-13290 | OhDear Integration - Moderately critical - Access bypass - SA-CONTRIB-2024-056 — OhDear Integration | 7.5 | - | 2025-01-09 |
| CVE-2024-13282 | Block permissions - Moderately critical - Access bypass - SA-CONTRIB-2024-046 — Block permissions | 5.3 | - | 2025-01-09 |
| CVE-2024-13281 | Monster Menus - Moderately critical - Access bypass, Information Disclosure - SA-CONTRIB-2024-045 — Monster Menus | 7.5 | - | 2025-01-09 |

Vulnerabilities classified as CWE-863 (Incorrect Authorization) represent 1242 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.