CWE-863 (Incorrect Authorization) — Vulnerability Class 1242

1242 vulnerabilities classified as CWE-863 (Incorrect Authorization). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2022-4397 | morontt zend-blog-number-2 Comment Comment.php cross-site request forgery — zend-blog-number-2 | 4.3 | Medium | 2022-12-10 |
| CVE-2020-36610 | annyshow DuxCMS cross-site request forgery — DuxCMS | 4.3 | Medium | 2022-12-08 |
| CVE-2022-4349 | CTF-hacker pwn delete.html cross-site request forgery — pwn | 4.3 | Medium | 2022-12-08 |
| CVE-2022-46167 | Capsule vulnerable to privilege escalation by ServiceAccount deployed in a Tenant Namespace — capsule | 8.8 | High | 2022-12-02 |
| CVE-2022-4090 | rickxy Stock Management System cross-site request forgery — Stock Management System | 4.3 | Medium | 2022-11-24 |
| CVE-2022-4013 | Hospital Management Center appointment.php cross-site request forgery — Hospital Management Center | 4.3 | Medium | 2022-11-16 |
| CVE-2022-4014 | FeehiCMS Post My Comment Tab cross-site request forgery — FeehiCMS | 4.3 | Medium | 2022-11-16 |
| CVE-2022-41918 | Issue with fine-grained access control of indices backing data streams — security | 6.3 | Medium | 2022-11-15 |
| CVE-2022-3978 | NodeBB abort cross-site request forgery — NodeBB | 4.3 | Medium | 2022-11-13 |
| CVE-2022-20928 | Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software security vulnerability — Cisco Adaptive Security Appliance (ASA) Software | 5.8 | Medium | 2022-11-10 |
| CVE-2022-39388 | Istio may allow identity impersonation if user has localhost access — istio | 7.6 | High | 2022-11-10 |
| CVE-2022-39352 | OpenFGA Authorization Bypass — openfga | 4.8 | Medium | 2022-11-08 |
| CVE-2022-42344 | [CVE-2021-36032] Magento IDOR Leads to Account Takeover — Adobe Commerce | 8.8 | High | 2022-10-20 |
| CVE-2022-3582 | SourceCodester Simple Cold Storage Management System cross-site request forgery — Simple Cold Storage Management System | 4.3 | Medium | 2022-10-18 |
| CVE-2022-3585 | SourceCodester Simple Cold Storage Management System Contact Us cross-site request forgery — Simple Cold Storage Management System | 4.3 | Medium | 2022-10-18 |
| CVE-2022-39302 | Ree6 may bypass webhook protection — Ree6 | 5.5 | Medium | 2022-10-13 |
| CVE-2022-31252 | permissions: chkstat does not check for group-writable parent directories or target files in safeOpen() — SUSE Linux Enterprise Server 12-SP5 | 4.4 | Medium | 2022-10-06 |
| CVE-2022-39275 | Improper object type validation in saleor — saleor | 5.3 | Medium | 2022-10-06 |
| CVE-2022-3024 | Simple Bitcoin Faucets <= 1.7.0 - Unauthorised AJAX Call to Stored XSS — Bitcoin Satoshi Tools : Faucets, Visitor Rewarder, Satoshi Games, Referral Program | 7.6 | - | 2022-09-26 |
| CVE-2022-39955 | Partial rule set bypass in OWASP ModSecurity Core Rule Set by submitting a specially crafted HTTP Content-Type header — ModSecurity Core Rule Set | 7.3 | High | 2022-09-20 |
| CVE-2022-39956 | Partial rule set bypass in OWASP ModSecurity Core Rule Set for HTTP multipart requests using character encoding in the Content-Type or Content-Transfer-Encoding header — ModSecurity Core Rule Set | 7.3 | High | 2022-09-20 |
| CVE-2022-39958 | Response body bypass in OWASP ModSecurity Core Rule Set via repeated HTTP Range header submission with a small byte range — ModSecurity Core Rule Set | 7.5 | High | 2022-09-20 |
| CVE-2022-36109 | Moby vulnerability relating to supplementary group permissions — moby | 5.3 | Medium | 2022-09-09 |
| CVE-2022-23451 | barbican authorization issue vulnerability — openstack/barbican | 8.1 | - | 2022-09-06 |
| CVE-2022-2597 | Visual Portfolio < 2.19.0 - Contributor+ CSS Injection — Visual Portfolio, Photo Gallery & Post Grid | 5.4 | - | 2022-09-05 |
| CVE-2022-23452 | barbican authorization issue vulnerability — openstack/barbican | 4.9 | - | 2022-09-01 |
| CVE-2021-3563 | Red Hat OpenStack Platform security vulnerability — keystone | 7.4 | - | 2022-08-26 |
| CVE-2021-3763 | AMQ access control error vulnerability — AMQ Broker | 4.3 | - | 2022-08-23 |
| CVE-2022-35692 | Adobe Commerce Improper Access Control Security feature bypass — Magento Commerce | 5.3 | Medium | 2022-08-19 |
| CVE-2022-36009 | Incorrect parsing of access level in gomatrixserverlib and dendrite — gomatrixserverlib | 5.0 | Medium | 2022-08-19 |

Vulnerabilities classified as CWE-863 (Incorrect Authorization) represent 1242 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.