CWE-285

High likelihood

Improper Authorization

Parent: CWE-284 - Improper Access Control

The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.

1,328 vulnerabilities with CWE-285
CVE-2022-36838 MEDIUM
Samsung Galaxy Wearable < 2.2.50 - Implicit Intent Hijacking
CVSS 4.0
CVE-2022-36837 MEDIUM
Samsung Email < 6.1.70.20 - Unauthenticated Intent Redirection
CVSS 6.2
CVE-2022-33722 MEDIUM
Smart View <SMR Aug-2022 Release 1 - Info Disclosure
CVSS 4.0
CVE-2022-2595 CRITICAL
kromitgmbh/titra <0.79.1 - Info Disclosure
CVSS 10.0
CVE-2022-26310 HIGH
Pandora FMS v7.0NG.760 - Privilege Escalation
CVSS 7.3
CVE-2022-24083 CRITICAL
Pega Infinity 7.3.1 through 8.7.2 - Authentication Bypass
CVSS 9.8
CVE-2022-31168 MEDIUM
Zulip Server <5.5 - Privilege Escalation
CVSS 5.4
CVE-2022-2393 MEDIUM
pki-core - Authenticated User Impersonation via Directory-Based Authentication
CVSS 5.7
CVE-2022-33713 HIGH
Samsung Cloud <5.2.0 - Info Disclosure
CVSS 7.5
CVE-2022-33712 MEDIUM
Camera <12.0.01.64-12.0.3.23-12.0.0.98-12.0.6.11-12.0.3.19 - Open R...
CVSS 5.3
CVE-2022-33705 LOW
Calendar <12.3.05.10000 - Info Disclosure
CVSS 3.3
CVE-2022-33702 MEDIUM
Knoxguard <SMR Jul-2022 Release 1 - Privilege Escalation
CVSS 6.2
CVE-2022-30757 MEDIUM
isemtelephony <SMR Jul-2022 Release 1 - Info Disclosure
CVSS 4.0
CVE-2022-30670 HIGH
RoboHelp Server < 11 Update 3 - Authenticated Privilege Escalation
CVSS 8.8
CVE-2022-2019 HIGH
SourceCodester Prison Management System 1.0 - Improper Authorization in New User Creation
CVSS 7.3
CVE-2022-30746 HIGH
Smart Things <1.7.85.12 - Info Disclosure
CVSS 7.5
CVE-2022-30730 MEDIUM
Samsung Pass <1.0.00.33 - Info Disclosure
CVSS 4.6
CVE-2022-30722 MEDIUM
Samsung Account <SMR Jun-2022 Release 1 - CSRF
CVSS 6.2
CVE-2022-30717 MEDIUM
AR Emoji <SMR Jun-2022 Release 1 - Info Disclosure
CVSS 4.0
CVE-2022-31025 LOW
Discourse <2.8.4-2.9.0.beta5 - Auth Bypass
CVSS 2.6
CVE-2022-29236 MEDIUM
BigBlueButton <2.3.18, <2.4-rc-6 - Privilege Escalation
CVSS 4.3
CVE-2022-29234 MEDIUM
BigBlueButton <2.3.18, <2.4.1 - Info Disclosure
CVSS 4.3
CVE-2022-29233 MEDIUM
BigBlueButton <2.3.18, <2.4-rc-1 - Auth Bypass
CVSS 4.3
CVE-2022-26773 HIGH
iTunes < 12.12.4 - Unauthorized File Deletion via Logic Issue
CVSS 7.1
CVE-2022-26857 CRITICAL
Dell OpenManage Enterprise <3.8.3 - Privilege Escalation
CVSS 9.0