CWE-863 (Incorrect Authorization) — Vulnerability Class 1255

1255 vulnerabilities classified as CWE-863 (Incorrect Authorization). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
| --- | --- | --- | --- | --- |
| CVE-2024-55633 | Apache Superset: SQLLab Improper readonly query validation allows unauthorized write access — Apache Superset | 8.8 | - | 2024-12-12 |
| CVE-2024-10043 | Incorrect Authorization in GitLab — GitLab | 3.1 | Low | 2024-12-12 |
| CVE-2024-53949 | Apache Superset: Lower privilege users are able to create Role when FAB_ADD_SECURITY_API is enabled — Apache Superset | 8.8 | - | 2024-12-09 |
| CVE-2024-12247 | Improper propagation of permission scheme updates across cluster nodes — Mattermost | 4.6 | Medium | 2024-12-05 |
| CVE-2024-12148 | Devolutions Server security vulnerability — Server | 4.3 | - | 2024-12-04 |
| CVE-2024-12196 | Devolutions Server security vulnerability — Server | 4.3 | - | 2024-12-04 |
| CVE-2023-52944 | Synology Surveillance Station security vulnerability — Surveillance Station | 4.3 | Medium | 2024-12-04 |
| CVE-2023-52943 | Synology Surveillance Station security vulnerability — Surveillance Station | 4.3 | Medium | 2024-12-04 |
| CVE-2024-11669 | Incorrect Authorization in GitLab — GitLab | 6.5 | Medium | 2024-11-26 |
| CVE-2024-7915 | macOS Sensei Mac Cleaner Local Privilege Escalation via PID Reuse - Race Condition Attack — Sensei Mac Cleaner | 7.8 | High | 2024-11-25 |
| CVE-2024-11670 | Devolutions Remote Desktop Manager security vulnerability — Remote Desktop Manager | 8.8 AI | High AI | 2024-11-25 |
| CVE-2024-11672 | Devolutions Remote Desktop Manager security vulnerability — Remote Desktop Manager | 6.5 AI | Medium AI | 2024-11-25 |
| CVE-2024-11176 | Incorrect evaluation of effective permissions in M-Files Aino — M-Files Aino | 6.5 AI | Medium AI | 2024-11-20 |
| CVE-2024-52584 | Autolab has vulnerable submission endpoints — Autolab | 5.4 AI | Medium AI | 2024-11-18 |
| CVE-2024-3379 | Incorrect Authorization in lunary-ai/lunary — lunary-ai/lunary | 7.1 | - | 2024-11-14 |
| CVE-2024-9693 | Incorrect Authorization in GitLab — GitLab | 8.5 | High | 2024-11-14 |
| CVE-2024-50310 | Siemens SIMATIC CP 1543-1 security vulnerability — SIMATIC CP 1543-1 V4.0 | 7.5 | High | 2024-11-12 |
| CVE-2024-42000 | Unauthorized Access to view channels' details — Mattermost | 2.7 | Low | 2024-11-09 |
| CVE-2024-52314 | data.all admin user may access potentially sensitive data stored by producers via logs — data.all | 4.9 | Medium | 2024-11-09 |
| CVE-2024-52312 | data.all authenticated users can perform restricted operations against DataSets and Environments — data.all | 5.4 | Medium | 2024-11-09 |
| CVE-2024-10953 | data.all authenticated users can perform mutating update operations on persisted notification records — data.all | 4.3 | Medium | 2024-11-09 |
| CVE-2024-10975 | Nomad Vulnerable To Cross-Namespace Volume Creation Abusing CSI Write Permission — Nomad | 7.7 | High | 2024-11-07 |
| CVE-2024-20537 | Cisco Identity Services Engine Authorization Bypass Vulnerability — Cisco Identity Services Engine Software | 6.5 | Medium | 2024-11-06 |
| CVE-2024-9902 | Ansible-core: ansible-core user may read/write unauthorized content | 6.3 | Medium | 2024-11-06 |
| CVE-2024-49256 | WordPress Htaccess File Editor plugin <= 1.0.18 - Broken Access Control vulnerability — Htaccess File Editor | 6.5 | Medium | 2024-11-01 |
| CVE-2024-49501 | OMRON Sysmac Studio security vulnerability — SYSMAC-SE2[][][] | 9.8 AI | Critical AI | 2024-11-01 |
| CVE-2024-50419 | WordPress Greenshift plugin <=9.7 - Broken Access Control vulnerability — Greenshift | 5.4 | Medium | 2024-10-30 |
| CVE-2024-9825 | The Chef Habitat builder is impacted by Indirect Object reference(IDOR) by deletion of personal access token — Chef Habitat Builder | 5.4 | Medium | 2024-10-28 |
| CVE-2024-10295 | Gateway: apicast basic auth bypass via malformed base64 headers sending non-base64 'basic' auth with special characters causes apicast to incorrectly authenticate a request | 7.5 | High | 2024-10-24 |
| CVE-2024-20482 | Cisco Secure Firewall Management Center security vulnerability — Cisco Firepower Management Center | 6.5 | Medium | 2024-10-23 |

Vulnerabilities classified as CWE-863 (Incorrect Authorization) represent 1255 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.