The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
8,365 vulnerabilities with CWE-862
CVE-2024-39823 (MEDIUM, CVSS 4.9): Zoom Meeting SDK < 6.1.0 - Missing Authorization
CVE-2024-38699 (HIGH, CVSS 7.5): WP Swings Wallet System <2.5.13 - Info Disclosure
CVE-2024-37935 (HIGH, CVSS 7.5): Woocommerce OpenPos <6.4.4 - Info Disclosure
CVE-2024-42373 (MEDIUM, CVSS 4.3): SAP Student Life Cycle Management - Missing Authorization
CVE-2024-41734 (MEDIUM, CVSS 4.3): SAP NetWeaver Application Server ABAP - Authenticated Information Disclosure via Missing Authorization
CVE-2024-39591 (MEDIUM, CVSS 4.3): SAP Document Builder - Missing Authorization
CVE-2024-42377 (MEDIUM, CVSS 4.3): SAP Shared Service Framework - Authenticated Missing Authorization in Remote-Enabled Function
CVE-2024-42376 (MEDIUM, CVSS 6.5): SAP Shared Service Framework - Privilege Escalation
CVE-2024-41730 (CRITICAL, CVSS 9.8): SAP BusinessObjects Business Intelligence Platform - Unauthenticated Missing Authorization via REST Endpoint
CVE-2024-33005 (MEDIUM, CVSS 6.3): SAP NetWeaver ABAP and Java, Content Server - Missing Authorization
CVE-2024-37930 (MEDIUM, CVSS 5.3): ThemeSphere SmartMag < 10.1.0 - Sensitive Data Exposure via Log File Insertion
CVE-2024-7648 (MEDIUM, CVSS 4.3): Opal Membership <1.2.4 - Info Disclosure
CVE-2024-7621 (MEDIUM, CVSS 5.4): Atarim WordPress Plugin <4.0.2 - Info Disclosure
CVE-2024-6760 (HIGH, CVSS 7.5): FreeBSD < 13.0 - Unauthenticated Missing Authorization via Kernel Tracing
CVE-2024-42470 (MEDIUM, CVSS 6.5): openHAB CometVisu < 4.2.1 - Unauthenticated Sensitive Data Exposure and Modification
CVE-2024-42035 (HIGH, CVSS 8.4): Huawei EMUI - Missing Authorization in App Multiplier Module
CVE-2024-6824 (MEDIUM, CVSS 4.3): Premium Addons for Elementor <4.10.38 - Privilege Escalation
CVE-2024-6987 (MEDIUM, CVSS 4.3): Orchid Store <= 1.5.6 - Authenticated Arbitrary Plugin Activation via orchid_store_activate_plugin
CVE-2024-6869 (MEDIUM, CVSS 5.4): Falang multilanguage for WordPress <= 1.3.52 - Authenticated Unauthorized Data Modification
CVE-2024-43045 (MEDIUM, CVSS 6.3): Jenkins <2.470-<2.452.3 - Info Disclosure
CVE-2024-6872 (MEDIUM, CVSS 4.3): TemplateSpare <2.4.2 - Info Disclosure
CVE-2024-6709 (MEDIUM, CVSS 4.3): Sync Post With Other Site <= 1.6 - Authenticated Unauthorized Post Modification via sps_add_update_post
CVE-2024-7031 (HIGH, CVSS 7.5): File Manager Pro - Filester <= 1.8.2 - Authenticated Arbitrary Setting Modification via njt_fs_saveSettingRestrictions
CVE-2024-5331 (MEDIUM, CVSS 4.3): Breakdance <1.7.2 - Info Disclosure
CVE-2024-6698 (HIGH, CVSS 8.8): FundEngine <1.7.0 - Privilege Escalation
Details
Vulnerabilities: 8,365
Exploit Likelihood: High