CWE-863 (Incorrect Authorization) — Vulnerability Class 1242

1242 vulnerabilities classified as CWE-863 (Incorrect Authorization). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2022-27608 | Forcepoint One Endpoint security vulnerability — One Endpoint | 6.0 | Medium | 2022-04-04 |
| CVE-2022-0825 | Amelia < 1.0.49 - Customer+ Arbitrary Appointments Status Update — Amelia – Events & Appointments Booking Calendar | 5.4 | - | 2022-04-04 |
| CVE-2022-1223 | Incorrect Authorization in phpipam/phpipam — phpipam/phpipam | 6.5 | Medium | 2022-04-04 |
| CVE-2021-3456 | Foreman security vulnerability — smart_proxy_salt | 7.3 | - | 2022-03-30 |
| CVE-2020-35501 | Linux kernel security vulnerability — kernel | 4.4 | - | 2022-03-30 |
| CVE-2022-0720 | Amelia < 1.0.47 - Customer+ Arbitrary Appointments Update and Sensitive Data Disclosure — Amelia – Events & Appointments Booking Calendar | 5.4 | - | 2022-03-28 |
| CVE-2021-20290 | OpenSC security vulnerability — smart_proxy_openscap | 7.3 | - | 2022-03-25 |
| CVE-2022-24778 | Incorrect Authorization in imgcrypt — imgcrypt | 7.5 | High | 2022-03-25 |
| CVE-2022-0981 | Quarkus security vulnerability — quarkus | 8.8 | - | 2022-03-23 |
| CVE-2021-24905 | Advanced Contact form 7 DB < 1.8.7 - Subscriber+ Arbitrary File Deletion — Advanced Contact form 7 DB | 8.0 | - | 2022-03-21 |
| CVE-2022-24755 | Incorrect Authorization in Bareos Director — bareos | 8.1 | High | 2022-03-15 |
| CVE-2022-24721 | Incorrect Authorization in org.cometd.oort — cometd | 8.1 | High | 2022-03-15 |
| CVE-2022-24714 | Disclosure of hosts and related data, linked to decommissioned services in Icinga Web 2 — icingaweb2 | 5.3 | Medium | 2022-03-08 |
| CVE-2021-41241 | Advanced permissions is not respected for subfolders in Nextcloud server — security-advisories | 4.3 | Medium | 2022-03-08 |
| CVE-2021-24824 | Custom Content Shortcode < 4.0.1 - Unauthorised Arbitrary Post Metadata Access — Custom Content Shortcode | 4.3 | - | 2022-03-07 |
| CVE-2021-3658 | bluez security vulnerability — bluez | 4.3 | - | 2022-03-02 |
| CVE-2022-0762 | Incorrect Authorization in microweber/microweber — microweber/microweber | 5.5 | Medium | 2022-02-26 |
| CVE-2022-21706 | Multi-use invitations can grant access to other organizations in Zulip — zulip | 7.2 | High | 2022-02-25 |
| CVE-2022-21141 | Airspan Networks Mimosa Incorrect Authorization — MMP | 10.0 | Critical | 2022-02-18 |
| CVE-2020-25722 | Samba permissions, privileges and access control vulnerability — samba | 8.8 | - | 2022-02-18 |
| CVE-2022-0633 | UpdraftPlus Free < 1.22.3 & Premium < 2.22.3 - Subscriber+ Backup Download — UpdraftPlus WordPress Backup Plugin (Free) | 6.5 | - | 2022-02-17 |
| CVE-2021-3560 | polkit code issue vulnerability — polkit | 7.8 | - | 2022-02-16 |
| CVE-2022-0580 | Incorrect Authorization in librenms/librenms — librenms/librenms | 7.1 | High | 2022-02-14 |
| CVE-2022-23615 | Partial authorization bypass on document save in xwiki-platform — xwiki-platform | 5.4 | Medium | 2022-02-09 |
| CVE-2022-23627 | Inadequate access verification when using proxy commands in ArchiSteamFarm — ArchiSteamFarm | 5.0 | Medium | 2022-02-08 |
| CVE-2022-21713 | Exposure of Sensitive Information in Grafana — grafana | 4.3 | Medium | 2022-02-08 |
| CVE-2021-24947 | RVM - Responsive Vector Maps < 6.4.2 - Subscriber+ Arbitrary File Read — RVM – Responsive Vector Maps | 6.5 | - | 2022-02-07 |
| CVE-2021-41571 | Pulsar Admin API allows access to data from other tenants using getMessageById API — Apache Pulsar | 6.5 | - | 2022-02-01 |
| CVE-2022-23009 | F5 BIG-IQ access control error vulnerability — BIG-IQ Centralized Management | 7.2 | - | 2022-01-25 |
| CVE-2021-4133 | Red Hat Keycloak access control error vulnerability — Keycloak | 8.8 | - | 2022-01-25 |

Vulnerabilities classified as CWE-863 (Incorrect Authorization) represent 1242 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.