Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-863 (授权机制不正确) — Vulnerability Class 1255

1255 vulnerabilities classified as CWE-863 (授权机制不正确). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2023-48712 User authorization bug leading to privilege escalation in warpgate — warpgate 7.1 High2023-11-24
CVE-2023-5553 AXIS OS 安全漏洞 — AXIS OS 7.6 High2023-11-21
CVE-2023-48218 Strapi Protected Populate Plugin leaking fields if the request fields where empty or only fields selected where not populatable — strapi-plugin-protected-populate 5.3 Medium2023-11-20
CVE-2023-3379 WAGO: Improper Privilege Management in web-based management — Compact Controller 100 (751-9301) 5.3 Medium2023-11-20
CVE-2022-40681 Fortinet FortiClient 安全漏洞 — FortiClientWindows 7.1 High2023-11-14
CVE-2023-31403 Improper Access Control vulnerability in SAP Business One product installation — SAP Business One 9.6 Critical2023-11-14
CVE-2023-47037 Apache Airflow missing fix for CVE-2023-40611 in 2.7.1 (DAG run broken access) — Apache Airflow 5.4 -2023-11-12
CVE-2023-4379 Incorrect Authorization in GitLab — GitLab 8.1 High2023-11-09
CVE-2023-46244 Privilege escalation in Xwiki platform — xwiki-platform 9.1 Critical2023-11-07
CVE-2023-46139 KernelSU signature validation mismatch — KernelSU 5.0 Medium2023-10-30
CVE-2023-38218 Incorrect Authorization - Customer account takeover — Adobe Commerce 8.8 High2023-10-13
CVE-2023-41882 vantage6 Improper Access Control vulnerability — vantage6 5.4 Medium2023-10-11
CVE-2023-28635 Defining resource name as integer in vantage6 may give unintended access — vantage6 5.4 Medium2023-10-11
CVE-2023-5521 Incorrect Authorization in tiann/kernelsu — tiann/kernelsu 8.3 -2023-10-11
CVE-2023-36556 Fortinet FortiMail 安全漏洞 — FortiMail 8.6 High2023-10-10
CVE-2022-3248 Openshift api admission checks does not enforce "custom-host" permissions — kubernetes 4.4 Medium2023-10-05
CVE-2023-4997 Improper authorisation in Uptime DC — UptimeDC 8.8 High2023-10-04
CVE-2023-5106 Incorrect Authorization in GitLab — GitLab 8.2 High2023-10-02
CVE-2023-5194 A system/user manager can demote / deactivate another manager — Mattermost 2.7 Low2023-09-29
CVE-2023-5195 A team member can soft delete other teams that they are not part of — Mattermost 6.5 Medium2023-09-29
CVE-2023-5193 System Role with manage posts permission can read posts of Direct Messages — Mattermost 4.9 Medium2023-09-29
CVE-2023-5159 A User Manager role with user edit permissions could manage/update bots — Mattermost 3.8 Low2023-09-29
CVE-2023-5198 Incorrect Authorization in GitLab — GitLab 4.3 Medium2023-09-29
CVE-2023-3920 Incorrect Authorization in GitLab — GitLab 4.3 Medium2023-09-29
CVE-2023-3979 Incorrect Authorization in GitLab — GitLab 3.1 Low2023-09-29
CVE-2023-4532 Incorrect Authorization in GitLab — GitLab 4.3 Medium2023-09-29
CVE-2023-5009 Incorrect Authorization in GitLab — GitLab 9.6 High2023-09-19
CVE-2023-40611 Apache Airflow Dag Runs Broken Access Control Vulnerability — Apache Airflow 7.1 -2023-09-12
CVE-2023-37881 Weak Access Control between Domains in Wing FTP Server <= 7.2.0 — Wing FTP Server 4.9 Medium2023-09-12
CVE-2023-40309 Missing Authorization check in SAP CommonCryptoLib — SAP CommonCryptoLib 9.8 Critical2023-09-12

Vulnerabilities classified as CWE-863 (授权机制不正确) represent 1255 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.