Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-862

CWE-862

High likelihood

Missing Authorization

Parent: CWE-285 - Improper Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

8,345 vulnerabilities with CWE-862

CVE-2024-32589 HIGH

UkrSolution Barcode Scanner <1.5.3 - Info Disclosure

CVE-2024-8860 MEDIUM

Tourfic < 2.14.5 - Authenticated Missing Authorization in Order and Visitor Management Functions

CVE-2024-53298 CRITICAL

Dell PowerScale OneFS 9.5.0.0-9.10.0.1 - Unauthenticated Arbitrary File Read, Write, and Delete via NFS Export

CVE-2024-47055 MEDIUM

Mautic - Insecure Direct Object Reference

CVE-2024-54020 LOW

Fortinet FortiManager <7.2.1 - Privilege Escalation

CVE-2024-12812 HIGH

WP ERP < 1.13.4 - Missing Authorization to Terminated Employee Data

CVE-2024-56006 MEDIUM

Jetpack Debug Tools <2.0.1 - Info Disclosure

CVE-2024-51666 MEDIUM

Automattic Tours <1.0.0 - Info Disclosure

CVE-2024-58101 HIGH

Samsung Galaxy Buds - Info Disclosure

CVE-2024-13420 MEDIUM

G5Theme April Framework <5.1 - Authenticated Missing Authorization via AJAX Actions

CVE-2024-13419 MEDIUM

G5Theme April Framework < 5.1 - Authenticated Stored Cross-Site Scripting via saveOptions() and importThemeOptions()

CVE-2024-13307 MEDIUM

Reales WP - Real Estate WordPress Theme <2.1.2 - Info Disclosure

CVE-2024-12244 MEDIUM

GitLab 17.7-17.9.6, 17.10-17.10.4, 17.11 - Missing Authorization

CVE-2024-53591 CRITICAL

Seclore v3.27.5.0 - Unauthenticated Authentication Bypass via Brute Force Attack

CVE-2024-13776 HIGH

ZoomSounds WordPress Plugin <= 6.91 - Authenticated Data Modification via dzsap_delete_notice

CVE-2024-13637 MEDIUM

Demo Awesome <1.0.3 - Privilege Escalation

CVE-2024-55070 LOW

mealie 2.2.0 - Broken Object Level Authorization in Household Permissions

CVE-2024-55073 HIGH

mealie v2.2.0 - Broken Object Level Authorization in User Profile Endpoint

CVE-2024-55072 MEDIUM

mealie v2.2.0 - Broken Object Level Authorization in User Profile Endpoint

CVE-2024-13801 HIGH

BWL Advanced FAQ Manager <2.1.4 - DoS

CVE-2024-13737 MEDIUM

Motors - Car Dealer < 1.4.57 - Authenticated Arbitrary Post Deletion & Template Creation

CVE-2024-9096 HIGH

lunary 1.4.28 - Missing Authorization in /checklists/:id PATCH Endpoint

CVE-2024-9095 CRITICAL

lunary v1.4.28 - Authenticated Missing Authorization in BigQuery API Route

CVE-2024-9000 MEDIUM

lunary < 1.4.26 - Missing Authorization in checklists.post() Endpoint

CVE-2024-8999 HIGH

lunary < 1.4.26 - Unauthenticated Database Export via BigQuery Endpoint

Previous Page 157 of 334 Next

Details

Vulnerabilities 8,345

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy