CWE-863 (Incorrect Authorization) — Vulnerability Class 1255

1255 vulnerabilities classified as CWE-863 (Incorrect Authorization). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-45586 | Account Take Over Vulnerability — XTS Web Trader | 8.8 | - | 2024-09-03 |
| CVE-2024-38868 | Incorrect Authorization — Endpoint Central | 7.6 | High | 2024-08-30 |
| CVE-2024-41964 | Insufficient permission checks in the language settings in Kirby CMS — kirby | 8.1 | High | 2024-08-29 |
| CVE-2024-43954 | WordPress Droip plugin <= 1.1.1 - Subscriber+ Settings Change/Data Exposure Vulnerability — Droip | 6.3 | Medium | 2024-08-29 |
| CVE-2024-45037 | AWS CDK RestApi not generating authorizationScope correctly in resultant CFN template — aws-cdk | 6.4 | Medium | 2024-08-27 |
| CVE-2024-8011 | Logitech Options security vulnerability — Options+ | 7.1 AI | High AI | 2024-08-25 |
| CVE-2024-38869 | Incorrect Authorization — Endpoint Central | 8.3 | High | 2024-08-23 |
| CVE-2024-7836 | Themify Builder <= 7.6.1 - Missing Authorization to Authenticated (Contributor+) Post Duplication — Themify Builder | 4.3 | Medium | 2024-08-22 |
| CVE-2024-7604 | Logsign Unified SecOps Platform Incorrect Authorization Authentication Bypass Vulnerability — Unified SecOps Platform | 7.8 AI | High AI | 2024-08-21 |
| CVE-2024-6337 | Incorrect Authorization allows read access to issues in GitHub Enterprise Server — GitHub Enterprise Server | 4.3 AI | Medium AI | 2024-08-20 |
| CVE-2024-7711 | GitHub Enterprise Server security vulnerability — GitHub Enterprise Server | 5.3 AI | Medium AI | 2024-08-20 |
| CVE-2024-39690 | Capsule tenant owner with "patch namespace" permission can hijack system namespaces — capsule | 8.5 | High | 2024-08-20 |
| CVE-2024-43250 | WordPress Bit Form Pro plugin <= 2.6.4 - Authenticated Plugin Settings Change vulnerability — Bit Form Pro | 7.1 | High | 2024-08-19 |
| CVE-2024-43131 | WordPress Docket (WooCommerce Collections / Wishlist / Watchlist) plugin < 1.7.0 - Unauthenticated Arbitrary Post/Page Deletion vulnerability — Docket (WooCommerce Collections / Wishlist / Watchlist) | 7.5 | High | 2024-08-13 |
| CVE-2024-41941 | Siemens SINEC NMS security vulnerability — SINEC NMS | 4.3 | Medium | 2024-08-13 |
| CVE-2024-41939 | Siemens SINEC NMS security vulnerability — SINEC NMS | 8.8 | High | 2024-08-13 |
| CVE-2024-42473 | OpenFGA Authorization Bypass — openfga | 7.5 | High | 2024-08-09 |
| CVE-2024-7266 | Users listing in EZD RP — EZD RP | 4.3 AI | Medium AI | 2024-08-07 |
| CVE-2024-7265 | Privilege Escalation in EZD RP — EZD RP | 8.8 AI | High AI | 2024-08-07 |
| CVE-2024-42062 | Apache CloudStack: User Key Exposure to Domain Admins — Apache CloudStack | 7.2 AI | High AI | 2024-08-07 |
| CVE-2024-6358 | Incorrect Authorization vulnerability — ArcSight Intelligence | 6.3 | Medium | 2024-08-06 |
| CVE-2024-6202 | HaloITSM - SAML XML Signature Wrapping (XSW) — HaloITSM | 9.8 | Critical | 2024-08-06 |
| CVE-2024-6782 | Calibre Remote Code Execution — Calibre | 9.8 | Critical | 2024-08-06 |
| CVE-2024-38856 | Apache OFBiz: Unauthenticated endpoint could allow execution of screen rendering code — Apache OFBiz | 5.6 AI | Medium AI | 2024-08-05 |
| CVE-2024-7062 | Local Privilege Escalation in Nimble Commander <= v1.6.0, Build 4087 — Nimble Commander | 8.8 | High | 2024-07-26 |
| CVE-2024-4447 | DotCMS security vulnerability — dotCMS core | 9.9 | Critical | 2024-07-26 |
| CVE-2024-5817 | Improper authorization allows read access to issue content in GitHub Enterprise Server — GitHub Enterprise Server | 4.3 AI | Medium AI | 2024-07-16 |
| CVE-2024-5816 | Improper authorization allows persistent access in GitHub Enterprise Server — GitHub Enterprise Server | 9.4 AI | Critical AI | 2024-07-16 |
| CVE-2024-39905 | Red-DiscordBot vulnerable to Incorrect Authorization in commands API — Red-DiscordBot | 5.3 | Medium | 2024-07-11 |
| CVE-2024-39871 | Siemens SINEMA Remote Connect security vulnerability — SINEMA Remote Connect Server | 6.3 | Medium | 2024-07-09 |

1255 CVEs are classified as CWE-863 (Incorrect Authorization). The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.