CWE-863 (Incorrect Authorization) — Vulnerability Class 1242

1242 vulnerabilities classified as CWE-863 (Incorrect Authorization). AI Chinese analysis included.

| CVE ID | Title | Product | CVSS | Severity | Published |
| --- | --- | --- | --- | --- | --- |
| CVE-2024-13278 | Diff - Moderately critical - Access bypass, Information Disclosure - SA-CONTRIB-2024-042 | Diff | 8.8 | - | 2025-01-09 |
| CVE-2024-13277 | Smart IP Ban - Critical - Access bypass - SA-CONTRIB-2024-041 | Smart IP Ban | 9.1 | - | 2025-01-09 |
| CVE-2024-13271 | Content Entity Clone - Moderately critical - Information Disclosure - SA-CONTRIB-2024-035 | Content Entity Clone | 9.1 | - | 2025-01-09 |
| CVE-2024-13270 | Freelinking - Moderately critical - Information Disclosure - SA-CONTRIB-2024-034 | Freelinking | 7.5 | - | 2025-01-09 |
| CVE-2024-13266 | Responsive and off-canvas menu - Moderately critical - Access bypass - SA-CONTRIB-2024-030 | Responsive and off-canvas menu | 7.5 | - | 2025-01-09 |
| CVE-2024-13258 | Drupal REST & JSON API Authentication - Moderately critical - Access bypass - SA-CONTRIB-2024-022 | Drupal REST & JSON API Authentication | 8.2 | - | 2025-01-09 |
| CVE-2024-13257 | Commerce View Receipt - Moderately critical - Access bypass - SA-CONTRIB-2024-021 | Commerce View Receipt | 7.5 | - | 2025-01-09 |
| CVE-2024-13253 | Advanced PWA - Critical - Access bypass - SA-CONTRIB-2024-017 | Advanced PWA inc Push Notifications | 8.2 | - | 2025-01-09 |
| CVE-2025-22449 | Access control flaw for team admins allows unauthorized team additions | Mattermost | 3.8 | Low | 2025-01-09 |
| CVE-2024-47102 | IBM AIX denial of service | AIX | 5.5 | Medium | 2024-12-25 |
| CVE-2024-56350 | JetBrains TeamCity security vulnerability | TeamCity | 4.3 | Medium | 2024-12-20 |
| CVE-2024-56348 | JetBrains TeamCity security vulnerability | TeamCity | 4.3 | Medium | 2024-12-20 |
| CVE-2024-12831 | Arista NG Firewall uvm_login Incorrect Authorization Privilege Escalation Vulnerability | NG Firewall | 7.8 | - | 2024-12-20 |
| CVE-2023-4617 | Gaining remote control over Govee devices | Govee Home | 10.0 | Critical | 2024-12-19 |
| CVE-2024-12539 | Elasticsearch Incorrect Authorization | Elasticsearch | 7.5 | - | 2024-12-17 |
| CVE-2024-9654 | Easy Digital Downloads 3.1 - 3.3.4 - Improper Authorization to Paywall Bypass | Easy Digital Downloads – eCommerce Payments and Subscriptions made easy | 3.7 | Low | 2024-12-17 |
| CVE-2024-8116 | Incorrect Authorization in GitLab | GitLab | 5.3 | Medium | 2024-12-16 |
| CVE-2024-8650 | Incorrect Authorization in GitLab | GitLab | 5.3 | Medium | 2024-12-16 |
| CVE-2024-55633 | Apache Superset: SQLLab Improper readonly query validation allows unauthorized write access | Apache Superset | 8.8 | - | 2024-12-12 |
| CVE-2024-10043 | Incorrect Authorization in GitLab | GitLab | 3.1 | Low | 2024-12-12 |
| CVE-2024-53949 | Apache Superset: Lower privilege users are able to create Role when FAB_ADD_SECURITY_API is enabled | Apache Superset | 8.8 | - | 2024-12-09 |
| CVE-2024-12247 | Improper propagation of permission scheme updates across cluster nodes | Mattermost | 4.6 | Medium | 2024-12-05 |
| CVE-2024-12148 | Devolutions Server security vulnerability | Server | 4.3 | - | 2024-12-04 |
| CVE-2024-12196 | Devolutions Server security vulnerability | Server | 4.3 | - | 2024-12-04 |
| CVE-2023-52944 | Synology Surveillance Station security vulnerability | Surveillance Station | 4.3 | Medium | 2024-12-04 |
| CVE-2023-52943 | Synology Surveillance Station security vulnerability | Surveillance Station | 4.3 | Medium | 2024-12-04 |
| CVE-2024-11669 | Incorrect Authorization in GitLab | GitLab | 6.5 | Medium | 2024-11-26 |
| CVE-2024-7915 | macOS Sensei Mac Cleaner Local Privilege Escalation via PID Reuse - Race Condition Attack | Sensei Mac Cleaner | 7.8 | High | 2024-11-25 |
| CVE-2024-11670 | Devolutions Remote Desktop Manager security vulnerability | Remote Desktop Manager | 8.8 (AI) | High (AI) | 2024-11-25 |
| CVE-2024-11672 | Devolutions Remote Desktop Manager security vulnerability | Remote Desktop Manager | 6.5 (AI) | Medium (AI) | 2024-11-25 |

Vulnerabilities classified as CWE-863 (Incorrect Authorization) represent 1242 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.