Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-862

CWE-862

High likelihood

Missing Authorization

Parent: CWE-285 - Improper Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

8,330 vulnerabilities with CWE-862

CVE-2025-28962 MEDIUM

stefanoai Advanced Google Universal Analytics <1.0.3 - Info Disclosure

CVE-2025-8943 CRITICAL

Flowise < 3.0.1 - Unauthenticated Remote Code Execution via Custom MCPs Feature

CVE-2025-50171 CRITICAL

Windows Server 2022/23H2/2025 Unauthenticated Spoofing via Remote Desktop Server

CVE-2025-8310 MEDIUM

Ivanti Virtual Application Delivery Controller < 22.9 - Authenticated Account Takeover via Admin Password Reset

CVE-2025-8482 MEDIUM

Simple Local Avatars <2.8.4 - Info Disclosure

CVE-2025-8418 HIGH

B Slider- Gutenberg Slider Block <1.1.30 - RCE

CVE-2025-47444 MEDIUM

Liquid Web GiveWP <4.6.1 - Info Disclosure

CVE-2025-6253 HIGH

UiCore Elements <= 1.3.0 - Unauthenticated Arbitrary File Read

CVE-2025-8059 CRITICAL

B Blocks plugin <2.0.6 - Privilege Escalation

CVE-2025-42955 LOW

SAP Cloud Connector - Missing Authorization Check in LDAP Connection Test Endpoint

CVE-2025-42949 MEDIUM

SAP ABAP Platform - Authenticated Missing Authorization Check in SQL Console

CVE-2025-8285 MEDIUM

Mattermost Confluence Plugin < 1.5.0 - Missing Authorization via Channel Subscription API

CVE-2025-54458 MEDIUM

Mattermost Confluence Plugin < 1.5.0 - Missing Authorization via Create Subscription Endpoint

CVE-2025-53910 MEDIUM

Mattermost Confluence Plugin <1.5.0 - Info Disclosure

CVE-2025-53857 LOW

Mattermost Confluence Plugin <1.5.0 - Info Disclosure

CVE-2025-49221 LOW

Mattermost Confluence Plugin < 1.5.0 - Unauthenticated Information Disclosure via Subscription API

CVE-2025-48731 MEDIUM

Mattermost Confluence Plugin <1.5.0 - Info Disclosure

CVE-2025-44001 MEDIUM

Mattermost Confluence Plugin < 1.5.0 - Missing Authorization via Get Channel Subscriptions API

CVE-2025-8814 MEDIUM

pybbs < 6.0.0 - Cross-Site Request Forgery via CookieUtil setCookie Function

CVE-2025-8807 MEDIUM

tianti < 2.3 - Missing Authorization in User Save Endpoint

CVE-2025-8796 MEDIUM

LitmusChaos Litmus < 3.19.0 - Missing Authorization in Delete Request Handler

CVE-2025-8739 MEDIUM

zhenfeng13 My-Blog <= 1.0.0 - Cross-Site Request Forgery via /admin/tags/save

CVE-2025-51308 MEDIUM

Gatling Enterprise <1.25.0 - Info Disclosure

CVE-2025-8595 MEDIUM

Zakra theme <4.1.5 - Privilege Escalation

CVE-2025-54608 MEDIUM

HarmonyOS - Missing Authorization in Screen Management Module

Previous Page 116 of 334 Next

Details

Vulnerabilities 8,330

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy