CWE-863 (Incorrect Authorization) — Vulnerability Class 1242

1242 vulnerabilities classified as CWE-863 (Incorrect Authorization). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
| --- | --- | --- | --- | --- |
| CVE-2023-5521 | Incorrect Authorization in tiann/kernelsu — tiann/kernelsu | 8.3 | - | 2023-10-11 |
| CVE-2023-36556 | Fortinet FortiMail Security Vulnerability — FortiMail | 8.6 | High | 2023-10-10 |
| CVE-2022-3248 | Openshift api admission checks does not enforce "custom-host" permissions — kubernetes | 4.4 | Medium | 2023-10-05 |
| CVE-2023-4997 | Improper authorisation in Uptime DC — UptimeDC | 8.8 | High | 2023-10-04 |
| CVE-2023-5106 | Incorrect Authorization in GitLab — GitLab | 8.2 | High | 2023-10-02 |
| CVE-2023-5194 | A system/user manager can demote / deactivate another manager — Mattermost | 2.7 | Low | 2023-09-29 |
| CVE-2023-5195 | A team member can soft delete other teams that they are not part of — Mattermost | 6.5 | Medium | 2023-09-29 |
| CVE-2023-5193 | System Role with manage posts permission can read posts of Direct Messages — Mattermost | 4.9 | Medium | 2023-09-29 |
| CVE-2023-5159 | A User Manager role with user edit permissions could manage/update bots — Mattermost | 3.8 | Low | 2023-09-29 |
| CVE-2023-5198 | Incorrect Authorization in GitLab — GitLab | 4.3 | Medium | 2023-09-29 |
| CVE-2023-3920 | Incorrect Authorization in GitLab — GitLab | 4.3 | Medium | 2023-09-29 |
| CVE-2023-3979 | Incorrect Authorization in GitLab — GitLab | 3.1 | Low | 2023-09-29 |
| CVE-2023-4532 | Incorrect Authorization in GitLab — GitLab | 4.3 | Medium | 2023-09-29 |
| CVE-2023-5009 | Incorrect Authorization in GitLab — GitLab | 9.6 | High | 2023-09-19 |
| CVE-2023-40611 | Apache Airflow Dag Runs Broken Access Control Vulnerability — Apache Airflow | 7.1 | - | 2023-09-12 |
| CVE-2023-37881 | Weak Access Control between Domains in Wing FTP Server <= 7.2.0 — Wing FTP Server | 4.9 | Medium | 2023-09-12 |
| CVE-2023-40309 | Missing Authorization check in SAP CommonCryptoLib — SAP CommonCryptoLib | 9.8 | Critical | 2023-09-12 |
| CVE-2023-32672 | Apache Superset: SQL parser edge case bypasses data access authorization — Apache Superset | 4.3 | Medium | 2023-09-06 |
| CVE-2023-27523 | Apache Superset: Improper data permission validation on Jinja templated queries — Apache Superset | 5.0 | Medium | 2023-09-06 |
| CVE-2023-27526 | Apache Superset: Improper Authorization check on import charts — Apache Superset | 4.3 | Medium | 2023-09-06 |
| CVE-2023-36387 | Apache Superset: Improper API permission for low privilege users — Apache Superset | 5.4 | Medium | 2023-09-06 |
| CVE-2023-0120 | Incorrect Authorization in GitLab — GitLab | 3.5 | Low | 2023-09-01 |
| CVE-2023-40168 | Malicious projects can read and upload arbitrary files from disk in TurboWarp Desktop — desktop | 7.4 | High | 2023-08-17 |
| CVE-2023-33237 | Authentication Bypass Without Administrator Privilege — TN-5900 Series | 8.8 | High | 2023-08-17 |
| CVE-2023-4107 | Incorrect authorization allows a user manager to update a system admin — Mattermost | 6.7 | Medium | 2023-08-11 |
| CVE-2023-39965 | 1Panel Unauthorized access in Backend — 1Panel | 6.5 | Medium | 2023-08-10 |
| CVE-2023-24471 | Information disclosure via the debug function in assertions in Guardian/CMC before 22.6.2 — Guardian | 6.5 | Medium | 2023-08-09 |
| CVE-2023-38209 | Adobe Commerce Incorrect Authorization Security feature bypass — Magento Commerce | 6.5 | Medium | 2023-08-09 |
| CVE-2023-37492 | Missing Authorization check in SAP NetWeaver AS ABAP and ABAP Platform — SAP NetWeaver AS ABAP and ABAP Platform | 4.9 | Medium | 2023-08-08 |
| CVE-2023-37491 | Improper Authorization check vulnerability in SAP Message Server — SAP Message Server | 7.5 | High | 2023-08-08 |

Vulnerabilities classified as CWE-863 (Incorrect Authorization) represent 1242 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.