CWE-863 (Incorrect Authorization) — Vulnerability Class 1255

1255 vulnerabilities classified as CWE-863 (Incorrect Authorization). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-2003 | Devolutions Server security vulnerability — Server | 8.8 | - | 2025-03-05 |
| CVE-2025-0360 | AXIS OS security vulnerability — AXIS OS | 7.8 | High | 2025-03-04 |
| CVE-2025-0359 | AXIS OS security vulnerability — AXIS OS | 8.5 | High | 2025-03-04 |
| CVE-2024-2321 | Incorrect Authorization in Multiple WSO2 Products Allows API Access via Refresh Token — WSO2 API Manager | 5.6 | Medium | 2025-02-27 |
| CVE-2025-26532 | Teachers can evade trusttext config when restoring glossary entries — moodle | 3.1 | Low | 2025-02-24 |
| CVE-2025-26531 | IDOR in badges allows disabling of arbitrary badges — moodle | 3.1 | Low | 2025-02-24 |
| CVE-2025-26526 | Feedback response viewing and deletions did not respect Separate Groups mode — moodle | 6.5 | Medium | 2025-02-24 |
| CVE-2025-24526 | Channel export permitted on archived channel when viewing archived channels is disabled — Mattermost | 4.3 | Medium | 2025-02-24 |
| CVE-2024-5705 | Hitachi Vantara Pentaho Business Analytics Server - Incorrect Authorization — Pentaho Data Integration & Analytics | 8.8 | High | 2025-02-19 |
| CVE-2025-27089 | Overlapping policies allow update to non-allowed fields in directus — directus | 5.4 | Medium | 2025-02-19 |
| CVE-2024-45081 | IBM Cognos Controller incorrect authorization — Cognos Controller | 6.5 | Medium | 2025-02-19 |
| CVE-2024-57969 | MISP security vulnerability — MISP | 4.3 | Medium | 2025-02-14 |
| CVE-2025-26511 | Cassandra-Lucene-Index allows bypass of Cassandra RBAC — Instaclustr fork of Stratio's Cassandra-Lucene-Index plugin | 8.8 | High | 2025-02-13 |
| CVE-2025-0937 | Nomad Vulnerable To Event Stream Namespace ACL Policy Bypass Through Wildcard Namespace — Nomad | 7.1 | High | 2025-02-12 |
| CVE-2025-0516 | Incorrect Authorization in GitLab — GitLab | 4.3 | Medium | 2025-02-12 |
| CVE-2025-24437 | Adobe Commerce \| Incorrect Authorization (CWE-863) — Adobe Commerce | 5.4 | Medium | 2025-02-11 |
| CVE-2025-24434 | Adobe Commerce \| Incorrect Authorization (CWE-863) — Adobe Commerce | 9.1 | Critical | 2025-02-11 |
| CVE-2025-24420 | Adobe Commerce \| Incorrect Authorization (CWE-863) — Adobe Commerce | 4.3 | Medium | 2025-02-11 |
| CVE-2025-24419 | Adobe Commerce \| Incorrect Authorization (CWE-863) — Adobe Commerce | 4.3 | Medium | 2025-02-11 |
| CVE-2025-24436 | Adobe Commerce \| Incorrect Authorization (CWE-863) — Adobe Commerce | 4.3 | Medium | 2025-02-11 |
| CVE-2025-24407 | Adobe Commerce \| Incorrect Authorization (CWE-863) — Adobe Commerce | 7.1 | High | 2025-02-11 |
| CVE-2025-24409 | Adobe Commerce \| Incorrect Authorization (CWE-863) — Adobe Commerce | 8.2 | High | 2025-02-11 |
| CVE-2025-24421 | Adobe Commerce \| Incorrect Authorization (CWE-863) — Adobe Commerce | 4.3 | Medium | 2025-02-11 |
| CVE-2025-24872 | Missing Authorization check in SAP ABAP Platform (ABAP Build Framework) — SAP ABAP Platform (ABAP Build Framework) | 4.3 | Medium | 2025-02-11 |
| CVE-2025-24869 | Information Disclosure vulnerability in SAP NetWeaver Application Server Java — SAP NetWeaver Application Server Java | 4.3 | Medium | 2025-02-11 |
| CVE-2021-41528 | Improper authorization related to Import / Export interfaces on RISC Platform — RISC Platform | 8.8 | - | 2025-02-07 |
| CVE-2025-23419 | TLS Session Resumption Vulnerability — NGINX Open Source | 4.3 | Medium | 2025-02-05 |
| CVE-2025-24860 | Apache Cassandra: CassandraNetworkAuthorizer and CassandraCIDRAuthorizer can be bypassed allowing access to different network regions — Apache Cassandra | 6.5 | - | 2025-02-04 |
| CVE-2024-23929 | Pioneer DMH-WT7600NEX Telematics Directory Traversal — DMH-WT7600NEX | 7.3 | High | 2025-01-31 |
| CVE-2024-41140 | Improper Authorization — Applications Manager | 8.1 | High | 2025-01-29 |

1255 CVEs are classified as CWE-863 (Incorrect Authorization). The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.