CWE-863 (Incorrect Authorization) — Vulnerability Class 1242

1242 vulnerabilities classified as CWE-863 (Incorrect Authorization). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2022-0333 | Moodle access control error vulnerability — moodle | 3.8 | - | 2022-01-25 |
| CVE-2022-0334 | Moodle access control error vulnerability — moodle | 5.3 | - | 2022-01-25 |
| CVE-2021-24733 | WP Post Page Clone < 1.2 - Unauthorised Post Access — WP Post Page Clone | 4.3 | - | 2022-01-24 |
| CVE-2022-21707 | Incorrect Authorization in wasmCloud — wasmcloud-otp | 6.3 | Medium | 2022-01-21 |
| CVE-2022-21701 | Privileged Escalation in Istio — istio | 5.0 | Medium | 2022-01-19 |
| CVE-2022-22167 | Junos OS: SRX Series: If no-syn-check is enabled, traffic classified as UNKNOWN gets permitted by pre-id-default-policy — Junos OS | 7.2 | High | 2022-01-19 |
| CVE-2022-22157 | Junos OS: SRX Series: Traffic classification vulnerability when 'no-syn-check' is enabled — Junos OS | 7.2 | High | 2022-01-19 |
| CVE-2021-24872 | Get Custom Field Values < 4.0 - Contributors+ Arbitrary Post Metadata Access — Get Custom Field Values | 6.5 | - | 2021-12-13 |
| CVE-2021-24819 | Page/Post Content Shortcode <= 1.0 - Contributor+ Arbitrary Posts/Pages Access — Page/Post Content Shortcode | 4.3 | - | 2021-12-13 |
| CVE-2021-24917 | WPS Hide Login < 1.9.1 - Protection Bypass with Referer-Header — WPS Hide Login | 7.5 | - | 2021-12-06 |
| CVE-2021-43560 | Moodle permissions, privileges and access control issue vulnerability — moodle | 5.3 | - | 2021-11-22 |
| CVE-2021-43553 | OSIsoft PI Vision — PI Vision | 3.1 | Low | 2021-11-17 |
| CVE-2021-24851 | Insert Pages < 3.7.0 - Contributor+ Arbitrary Posts/Pages Access — Insert Pages | 4.3 | - | 2021-11-17 |
| CVE-2021-40504 | SAP NetWeaver Application Server permissions, privileges and access control issue vulnerability — SAP NetWeaver AS for ABAP and ABAP Platform | - | - | 2021-11-10 |
| CVE-2021-42026 | Siemens Mendix security vulnerability — Mendix Applications using Mendix 8 | 4.3 | - | 2021-11-09 |
| CVE-2021-42025 | Siemens Mendix security vulnerability — Mendix Applications using Mendix 8 | 6.5 | - | 2021-11-09 |
| CVE-2021-24788 | Batch Cat <= 0.3 - Subscriber+ Arbitrary Categories Add/Set/Delete to Posts — Batch Cat | 6.5 | - | 2021-11-08 |
| CVE-2021-24783 | Post Expirator < 2.6.0 - Contributor+ Arbitrary Post Schedule Deletion — Post Expirator: Automatically Unpublish WordPress Posts | 6.5 | - | 2021-11-08 |
| CVE-2021-41230 | OIDC claims not updated from Identity Provider in Pomerium — pomerium | 5.3 | Medium | 2021-11-05 |
| CVE-2021-24770 | Stylish Price List < 6.9.1 - Subscriber+ Arbitrary Image Upload — Stylish Price List | 6.5 | - | 2021-11-01 |
| CVE-2021-24757 | Stylish Price List < 6.9.0 - Unauthenticated Arbitrary Image Upload — Stylish Price List | 7.5 | - | 2021-11-01 |
| CVE-2021-24742 | Logo Slider and Showcase < 1.3.37 - Editor Plugin's Settings Update — Logo Slider and Showcase | 6.5 | - | 2021-11-01 |
| CVE-2021-24717 | AutomatorWP < 1.7.6 - Missing Authorization and Privilege Escalation — AutomatorWP | 8.8 | - | 2021-11-01 |
| CVE-2021-41189 | Communities and collections administrators can escalate their privilege up to system administrator — DSpace | 7.2 | High | 2021-10-29 |
| CVE-2021-39321 | Sassy Social Share 3.3.23 PHP Object Injection — Sassy Social Share | 8.8 | High | 2021-10-21 |
| CVE-2021-24652 | PostX Gutenberg Blocks for Post Grid < 2.4.10 - Missing Access Controls — PostX – Gutenberg Blocks for Post Grid | 6.5 | - | 2021-09-27 |
| CVE-2021-34647 | Ninja Forms <= 3.5.7 Sensitive Information Disclosure — Ninja Forms | 6.5 | Medium | 2021-09-22 |
| CVE-2021-34648 | Ninja Forms <= 3.5.7 Unprotected REST-API to Email Injection — Ninja Forms | 6.4 | Medium | 2021-09-22 |
| CVE-2021-39206 | Incorrect Authorization with specially crafted requests — pomerium | 8.6 | High | 2021-09-09 |
| CVE-2021-38312 | Gutenberg Template Library & Redux Framework <= 4.2.11 Incorrect Authorization check to Arbitrary plugin installation and post deletion — Gutenberg Template Library & Redux Framework | 7.1 | High | 2021-09-02 |

Vulnerabilities classified as CWE-863 (Incorrect Authorization) represent 1242 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.