CWE-863 (Incorrect Authorization) — Vulnerability Class 1242

1242 vulnerabilities classified as CWE-863 (Incorrect Authorization). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-43131 | WordPress Docket (WooCommerce Collections / Wishlist / Watchlist) plugin < 1.7.0 - Unauthenticated Arbitrary Post/Page Deletion vulnerability — Docket (WooCommerce Collections / Wishlist / Watchlist) | 7.5 | High | 2024-08-13 |
| CVE-2024-41941 | Siemens SINEC NMS security vulnerability — SINEC NMS | 4.3 | Medium | 2024-08-13 |
| CVE-2024-41939 | Siemens SINEC NMS security vulnerability — SINEC NMS | 8.8 | High | 2024-08-13 |
| CVE-2024-42473 | OpenFGA Authorization Bypass — openfga | 7.5 | High | 2024-08-09 |
| CVE-2024-7266 | Users listing in EZD RP — EZD RP | 4.3 (AI) | Medium (AI) | 2024-08-07 |
| CVE-2024-7265 | Privilege Escalation in EZD RP — EZD RP | 8.8 (AI) | High (AI) | 2024-08-07 |
| CVE-2024-42062 | Apache CloudStack: User Key Exposure to Domain Admins — Apache CloudStack | 7.2 (AI) | High (AI) | 2024-08-07 |
| CVE-2024-6358 | Incorrect Authorization vulnerability — ArcSight Intelligence | 6.3 | Medium | 2024-08-06 |
| CVE-2024-6202 | HaloITSM - SAML XML Signature Wrapping (XSW) — HaloITSM | 9.8 | Critical | 2024-08-06 |
| CVE-2024-6782 | Calibre Remote Code Execution — Calibre | 9.8 | Critical | 2024-08-06 |
| CVE-2024-38856 | Apache OFBiz: Unauthenticated endpoint could allow execution of screen rendering code — Apache OFBiz | 5.6 (AI) | Medium (AI) | 2024-08-05 |
| CVE-2024-7062 | Local Privilege Escalation in Nimble Commander <= v1.6.0, Build 4087 — Nimble Commander | 8.8 | High | 2024-07-26 |
| CVE-2024-4447 | DotCMS security vulnerability — dotCMS core | 9.9 | Critical | 2024-07-26 |
| CVE-2024-5817 | Improper authorization allows read access to issue content in GitHub Enterprise Server — GitHub Enterprise Server | 4.3 (AI) | Medium (AI) | 2024-07-16 |
| CVE-2024-5816 | Improper authorization allows persistent access in GitHub Enterprise Server — GitHub Enterprise Server | 9.4 (AI) | Critical (AI) | 2024-07-16 |
| CVE-2024-39905 | Red-DiscordBot vulnerable to Incorrect Authorization in commands API — Red-DiscordBot | 5.3 | Medium | 2024-07-11 |
| CVE-2024-39871 | Siemens SINEMA Remote Connect security vulnerability — SINEMA Remote Connect Server | 6.3 | Medium | 2024-07-09 |
| CVE-2024-39696 | Evmos vulnerable to exploit of smart contract account and vesting — evmos | 8.8 | High | 2024-07-05 |
| CVE-2024-39322 | aimeos/ai-admin-jsonadm improper access control vulnerability allows editors to remove required records — ai-admin-jsonadm | 5.5 | Medium | 2024-07-02 |
| CVE-2024-39352 | Synology Camera Firmware security vulnerability — Camera Firmware | 4.9 | Medium | 2024-06-28 |
| CVE-2024-6086 | Improper Access Control in lunary-ai/lunary — lunary-ai/lunary | 4.3 (AI) | Medium (AI) | 2024-06-27 |
| CVE-2024-5714 | Improper Access Control in lunary-ai/lunary — lunary-ai/lunary | 8.8 (AI) | High (AI) | 2024-06-27 |
| CVE-2023-38368 | IBM Security Access Manager Docker information disclosure — Security Access Manager Docker | 5.5 | Medium | 2024-06-27 |
| CVE-2024-4011 | Improper Access Control in GitLab — GitLab | 3.1 | Low | 2024-06-26 |
| CVE-2024-6323 | Improper Isolation or Compartmentalization in GitLab — GitLab | 7.5 | High | 2024-06-26 |
| CVE-2024-38369 | XWiki programming rights may be inherited by inclusion — xwiki-platform | 10.0 | Critical | 2024-06-24 |
| CVE-2023-38389 | WordPress Jupiter X Core plugin <= 3.3.8 - Unauthenticated Account Takeover vulnerability — JupiterX Core | 9.8 | Critical | 2024-06-21 |
| CVE-2024-4390 | Depicter <= 3.0.2 - Authenticated (Contributor+) Arbitrary Nonce Generation — Depicter — Popup & Slider Builder | 6.5 | Medium | 2024-06-20 |
| CVE-2024-38329 | IBM Storage Protect for Virtual Environments: Data Protection for VMware security bypass — Storage Protect for Virtual Environments: Data Protection for VMware | 7.7 | High | 2024-06-19 |
| CVE-2024-34130 | Acrobat Android : OverSecured Finding : Access to arbitrary* content providers via insecure Intent configuration — Acrobat Mobile Sign Android | 5.5 | Medium | 2024-06-13 |

Vulnerabilities classified as CWE-863 (Incorrect Authorization) represent 1242 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.