Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-862

CWE-862

High likelihood

Missing Authorization

Parent: CWE-285 - Improper Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

8,331 vulnerabilities with CWE-862

CVE-2025-4520 MEDIUM

Uncanny Automator < 6.4.0.2 - Authenticated Data Modification via Missing Capability Check

CVE-2025-4339 MEDIUM

TheGem <= 5.10.3 - Authenticated Arbitrary Theme Options Update via ajaxApi() Missing Capability Check

CVE-2025-43011 HIGH

SAP Landscape Transformation - Privilege Escalation

CVE-2025-43009 MEDIUM

SAP Service Parts Management (SPM) - Missing Authorization

CVE-2025-43008 MEDIUM

SAP S/4HANA HCM Portugal and SAP ERP HCM Portugal - Unauthenticated Information Disclosure via Missing Authorization

CVE-2025-43007 MEDIUM

SAP Service Parts Management (SPM) - Authenticated Privilege Escalation via Missing Authorization

CVE-2025-43004 MEDIUM

Production Operator Dashboards - Info Disclosure

CVE-2025-43000 HIGH

Promotion Management Wizard - Info Disclosure

CVE-2025-30448 CRITICAL

iPadOS < 17.7.7 - Unauthenticated iCloud Folder Sharing Enablement

CVE-2025-46745 MEDIUM

SEL Blueframe OS < 1.12.0 - Authenticated Missing Authorization

CVE-2025-26846 CRITICAL

Znuny 6.0.0-6.0.48 - Missing Authorization in Generic Interface Ticket Metadata Update

CVE-2025-3876 HIGH

SMS Alert Order Notifications < 3.8.1 - Authenticated Privilege Escalation via Insufficient OTP Validation

CVE-2025-28202 HIGH

Victure RX1800 EN_V1.0.0_r12_110933 - Unauthenticated SSH and Telnet Service Enablement

CVE-2025-3949 MEDIUM

Website Builder by SeedProd < 6.18.15 - Authenticated Unauthorized Data Access via seedprod_lite_get_revisisons Function

CVE-2025-20164 HIGH

Cisco Industrial Ethernet Switch Device Manager - Privilege Escalation

CVE-2025-47692 MEDIUM

ContentStudio <1.3.3 - Info Disclosure

CVE-2025-47688 MEDIUM

Advanced File Manager <= 5.3.1 - Missing Authorization

CVE-2025-47628 MEDIUM

quomodosoft QS Dark Mode <= 3.0 - Missing Authorization

CVE-2025-47612 MEDIUM

ClickWhale <= 2.4.6 - Missing Authorization

CVE-2025-47602 MEDIUM

Calculate Prices based on Distance For WooCommerce <= 1.3.5 - Missing Authorization

CVE-2025-47591 MEDIUM

CreedAlly Bulk Featured Image <1.2.1 - RCE

CVE-2025-47528 MEDIUM

Ovation Elements <1.1.2 - Info Disclosure

CVE-2025-47526 MEDIUM

GS Variation Swatches for WooCommerce <3.0.4 - Info Disclosure

CVE-2025-47486 MEDIUM

CyberChimps Gutenberg & Elementor Templates Importer For Responsive...

CVE-2025-47485 MEDIUM

CozyBlocks <2.1.22 - Info Disclosure

Previous Page 131 of 334 Next

Details

Vulnerabilities 8,331

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy