
CWE-863 (Incorrect Authorization) — Vulnerability Class 1244

1244 vulnerabilities classified as CWE-863 (Incorrect Authorization). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-37492 | Missing Authorization check in SAP NetWeaver AS ABAP and ABAP Platform — SAP NetWeaver AS ABAP and ABAP Platform | 4.9 | Medium | 2023-08-08 |
| CVE-2023-37491 | Improper Authorization check vulnerability in SAP Message Server — SAP Message Server | 7.5 | High | 2023-08-08 |
| CVE-2023-39363 | Vyper incorrectly allocated named re-entrancy locks — vyper | 9.1 | - | 2023-08-07 |
| CVE-2023-23476 | IBM Robotic Process Automation information disclosure — Robotic Process Automation | 3.1 | Low | 2023-08-02 |
| CVE-2023-32629 | Canonical Ubuntu security vulnerability — Ubuntu Kernel | 7.8 | High | 2023-07-26 |
| CVE-2023-2640 | Canonical Ubuntu Linux security vulnerability — Ubuntu Kernel | 7.8 | High | 2023-07-26 |
| CVE-2023-38493 | Paths contain matrix variables bypass decorators — armeria | 7.5 | High | 2023-07-25 |
| CVE-2023-3484 | Incorrect Authorization in GitLab — GitLab | 8.0 | High | 2023-07-21 |
| CVE-2023-3459 | Export and Import Users and Customers <= 2.4.1 - Missing Authorization to Authenticated (Shop Manager) Arbitrary User Password Change — Export and Import Users and Customers | 7.2 | High | 2023-07-18 |
| CVE-2023-3613 | Guest accounts invited and added to channels by Welcomebot plugin — Mattermost Plugins | 3.5 | Low | 2023-07-17 |
| CVE-2023-3590 | Deleted attachments in Boards remain accessible — Mattermost | 3.1 | Low | 2023-07-17 |
| CVE-2023-3586 | Disabling publicly-shared boards does not disable existing publicly available board links — Mattermost | 4.2 | Medium | 2023-07-17 |
| CVE-2023-3584 | Member can create team with team override scheme — Mattermost | 3.1 | Low | 2023-07-17 |
| CVE-2023-3582 | Lack of channel membership check when linking a board to a channel — Mattermost | 4.3 | Medium | 2023-07-17 |
| CVE-2023-2759 | TAPHOME Improper Authentication in Core Platform — Core Platform | 8.8 | High | 2023-07-17 |
| CVE-2023-2576 | Incorrect Authorization in GitLab — GitLab | 4.3 | Medium | 2023-07-13 |
| CVE-2023-3444 | Incorrect Authorization in GitLab — GitLab | 5.7 | Medium | 2023-07-13 |
| CVE-2023-35908 | Apache Airflow: Access to DAGs without relevant permission — Apache Airflow | 5.3 | - | 2023-07-12 |
| CVE-2023-30428 | Apache Pulsar Broker: Incorrect Authorization Validation for Rest Producer — Apache Pulsar Broker | 8.2 | High | 2023-07-12 |
| CVE-2023-30429 | Apache Pulsar: Incorrect Authorization for Function Worker when using mTLS Authentication through Pulsar Proxy — Apache Pulsar | 9.6 | Critical | 2023-07-12 |
| CVE-2023-37579 | Apache Pulsar Function Worker: Incorrect Authorization for Function Worker Can Leak Sink/Source Credentials — Apache Pulsar Function Worker | 8.2 | High | 2023-07-12 |
| CVE-2023-3485 | Insecure Default Authorization in Temporal Server — Temporal Server | 3.0 | Low | 2023-06-30 |
| CVE-2023-35165 | AWS CDK EKS overly permissive trust policies — aws-cdk | 6.6 | Medium | 2023-06-23 |
| CVE-2023-0971 | Command Authentication Bypass in Z/IP Gateway — Z/IP Gateway | 9.6 | Critical | 2023-06-21 |
| CVE-2023-35166 | Privilege escalation (PR) from account through TipsPanel — xwiki-platform | 10.0 | Critical | 2023-06-20 |
| CVE-2022-22307 | IBM Security Guardium privilege escalation — Security Guardium | 4.4 | Medium | 2023-06-15 |
| CVE-2023-29296 | [Cloud] Customer suspects IDOR vulnerability — Magento Commerce | 4.3 | Medium | 2023-06-15 |
| CVE-2023-29295 | Insecure Direct Object Reference (IDOR) in Create Quote Function — Magento Commerce | 4.3 | Medium | 2023-06-15 |
| CVE-2023-29288 | Adobe Commerce \| Incorrect Authorization (CWE-863) — Adobe Commerce | 4.3 | Medium | 2023-06-15 |
| CVE-2023-22248 | Adobe Commerce Incorrect Authorization Security feature bypass — Magento Commerce | 7.5 | High | 2023-06-15 |

Vulnerabilities classified as CWE-863 (Incorrect Authorization) represent 1244 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.