CWE-863 (Incorrect Authorization) — Vulnerability Class 1242

1242 vulnerabilities classified as CWE-863 (Incorrect Authorization). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2022-1401 | Insufficient validation of provided paths in Exago WrImageResource.axd — CMDB | 6.9 | Medium | 2022-08-16 |
| CVE-2020-14321 | Moodle permissions, privileges and access control vulnerability — Moodle | 8.8 | - | 2022-08-16 |
| CVE-2022-33718 | SAMSUNG Mobile devices security vulnerability — Samsung Mobile Devices | 6.2 | Medium | 2022-08-05 |
| CVE-2022-27551 | HCL Launch could allow an authenticated user to obtain sensitive information (CVE-2022-27551) — HCL Launch | 5.3 | Medium | 2022-08-03 |
| CVE-2022-31178 | Improper Authorization in eLabFTW — elabftw | 4.3 | Medium | 2022-08-01 |
| CVE-2022-31155 | Unauthorized overwriting of saved searches in Sourcegraph — sourcegraph | 4.3 | Medium | 2022-08-01 |
| CVE-2022-31154 | Indirect Object Access in Sourcegraph Code Monitoring — sourcegraph | 6.4 | Medium | 2022-08-01 |
| CVE-2022-0670 | Red Hat Ceph security vulnerability — Ceph | 8.1 | - | 2022-07-25 |
| CVE-2022-0594 | Shareaholic < 9.7.6 - Information Disclosure — Professional Social Sharing Buttons, Icons & Related Posts – Shareaholic | 5.3 | - | 2022-07-25 |
| CVE-2022-31107 | Grafana account takeover via OAuth vulnerability — grafana | 7.1 | High | 2022-07-15 |
| CVE-2022-29619 | SAP BusinessObjects Business Intelligence Platform security vulnerability — SAP BusinessObjects Business Intelligence Platform | 8.1 | - | 2022-07-12 |
| CVE-2022-32532 | Authentication Bypass Vulnerability — Apache Shiro | 9.8 | - | 2022-06-28 |
| CVE-2022-31589 | Security vulnerability in multiple SAP products — SAP ERP, localization for CEE countries. | 6.5 | - | 2022-06-14 |
| CVE-2022-27668 | SAP NetWeaver and ABAP Platform security vulnerability — SAP NetWeaver and ABAP Platform | 9.8 | - | 2022-06-14 |
| CVE-2022-30311 | FESTO: CECC-X-M1 and Servo Press Kit YJKP OS Command Injection vulnerability — Controller CECC-X-M1 (4407603) | 9.8 | Critical | 2022-06-13 |
| CVE-2022-30310 | FESTO: CECC-X-M1 and Servo Press Kit YJKP OS Command Injection vulnerability — Controller CECC-X-M1 (4407603) | 9.8 | Critical | 2022-06-13 |
| CVE-2022-30309 | FESTO: CECC-X-M1 and Servo Press Kit YJKP OS Command Injection vulnerability — Controller CECC-X-M1 (4407603) | 9.8 | Critical | 2022-06-13 |
| CVE-2022-30308 | FESTO: CECC-X-M1 and Servo Press Kit YJKP OS Command Injection vulnerability — Controller CECC-X-M1 (4407603) | 9.8 | Critical | 2022-06-13 |
| CVE-2022-22978 | VMware Spring Security authorization vulnerability — Spring Security | 9.8 | - | 2022-05-19 |
| CVE-2021-3956 | Lenovo XClarity Controller security vulnerability — XClarity Controller (XCC) | 4.3 | Medium | 2022-05-18 |
| CVE-2022-1706 | Ignition access control error vulnerability — coreos/ignition | 6.5 | - | 2022-05-17 |
| CVE-2022-28774 | SAP Host Agent information disclosure vulnerability — SAP Host Agent | 5.5 | - | 2022-05-11 |
| CVE-2022-0866 | Wildfly security vulnerability — Wildfly | 8.2 | - | 2022-05-10 |
| CVE-2021-36778 | Exposure of repository credentials to external third-party sources — Rancher | 7.3 | High | 2022-05-02 |
| CVE-2022-0984 | Moodle access control error vulnerability — moodle | 4.3 | - | 2022-04-29 |
| CVE-2022-23822 | Xilinx Zynq-7000 security vulnerability — Zynq-7000 SoC FSBL | 6.8 | - | 2022-04-27 |
| CVE-2022-1466 | Red Hat Single Sign-On security vulnerability — rhsso | 6.5 | - | 2022-04-26 |
| CVE-2020-25167 | OSIsoft PI Vision Incorrect Authorization — PI Vision | 4.9 | Medium | 2022-04-18 |
| CVE-2022-0920 | Salon booking system < 7.6.3 - Customer+ Bookings/Customers Data Disclosure — Salon booking system | 7.5 | - | 2022-04-11 |
| CVE-2022-27609 | Forcepoint One Endpoint security vulnerability — One Endpoint | 6.0 | Medium | 2022-04-04 |

Vulnerabilities classified as CWE-863 (Incorrect Authorization) represent 1242 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.