Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-863 (授权机制不正确) — Vulnerability Class 1242

1242 vulnerabilities classified as CWE-863 (授权机制不正确). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2023-51379 Incorrect Authorization for Issue Comments in GitHub Enterprise Server — Enterprise Server 4.9 Medium2023-12-21
CVE-2023-50732 Velocity execution without script right through tree macro — xwiki-platform 8.3 High2023-12-21
CVE-2023-49734 Apache Superset: Privilege Escalation Vulnerability — Apache Superset 7.7 High2023-12-19
CVE-2023-41314 Apache Doris: Missing API authentication allowed DoS — Apache Doris 9.1AICriticalAI2023-12-18
CVE-2023-3511 Incorrect Authorization in GitLab — GitLab 2.0 Low2023-12-15
CVE-2023-6837 Incorrect Authorization in Multiple WSO2 Products via Federated Authentication with JIT Provisioning Leading to User Impersonation — WSO2 API Manager 8.5 High2023-12-15
CVE-2023-45185 IBM i Access Client Solutions code execution — i Access Client Solutions 7.4 High2023-12-14
CVE-2023-49273 Umbraco CMS vulnerable to Privilege Escalation using Spoofing — Umbraco-CMS 5.4 Medium2023-12-12
CVE-2023-48227 Umbraco CMS Backoffice User can bypass "Publish" restriction — Umbraco-CMS 4.3 Medium2023-12-12
CVE-2023-6542 Improper Export of Android Application Components in SAP EMARSYS SDK ANDROID — SAP EMARSYS SDK ANDROID 7.1 High2023-12-12
CVE-2023-3443 Incorrect Authorization in GitLab — GitLab 3.1 Low2023-12-01
CVE-2023-3964 Incorrect Authorization in GitLab — GitLab 4.3 Medium2023-12-01
CVE-2023-4317 Incorrect Authorization in GitLab — GitLab 4.3 Medium2023-12-01
CVE-2023-4658 Incorrect Authorization in GitLab — GitLab 3.1 Low2023-12-01
CVE-2023-5995 Incorrect Authorization in GitLab — GitLab 4.4 Medium2023-12-01
CVE-2023-47827 WordPress Events Addon for Elementor Plugin <= 2.1.3 is vulnerable to Broken Access Control — Events Addon for Elementor 6.5 Medium2023-11-30
CVE-2023-40610 Apache Superset: Privilege escalation with default examples database — Apache Superset 6.3 Medium2023-11-27
CVE-2023-48712 User authorization bug leading to privilege escalation in warpgate — warpgate 7.1 High2023-11-24
CVE-2023-5553 AXIS OS 安全漏洞 — AXIS OS 7.6 High2023-11-21
CVE-2023-48218 Strapi Protected Populate Plugin leaking fields if the request fields where empty or only fields selected where not populatable — strapi-plugin-protected-populate 5.3 Medium2023-11-20
CVE-2023-3379 WAGO: Improper Privilege Management in web-based management — Compact Controller 100 (751-9301) 5.3 Medium2023-11-20
CVE-2022-40681 Fortinet FortiClient 安全漏洞 — FortiClientWindows 7.1 High2023-11-14
CVE-2023-31403 Improper Access Control vulnerability in SAP Business One product installation — SAP Business One 9.6 Critical2023-11-14
CVE-2023-47037 Apache Airflow missing fix for CVE-2023-40611 in 2.7.1 (DAG run broken access) — Apache Airflow 5.4 -2023-11-12
CVE-2023-4379 Incorrect Authorization in GitLab — GitLab 8.1 High2023-11-09
CVE-2023-46244 Privilege escalation in Xwiki platform — xwiki-platform 9.1 Critical2023-11-07
CVE-2023-46139 KernelSU signature validation mismatch — KernelSU 5.0 Medium2023-10-30
CVE-2023-38218 Incorrect Authorization - Customer account takeover — Adobe Commerce 8.8 High2023-10-13
CVE-2023-41882 vantage6 Improper Access Control vulnerability — vantage6 5.4 Medium2023-10-11
CVE-2023-28635 Defining resource name as integer in vantage6 may give unintended access — vantage6 5.4 Medium2023-10-11

Vulnerabilities classified as CWE-863 (授权机制不正确) represent 1242 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.