The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
8,401 vulnerabilities with CWE-862
CVE-2023-4938
MEDIUM
BEAR Professional for WooCommerce <= 1.1.3.3 - Authenticated Missing Authorization
CVSS 4.3
CVE-2023-44689
MEDIUM
e-Gov Client Application < 2.1.1.0 (Windows) and < 1.1.1.0 (macOS) - Missing Authorization via Custom URL Scheme Handler
CVSS 4.3
CVE-2023-42473
MEDIUM
SAP S/4HANA 106 - Authenticated Privilege Escalation via Missing Authorization
CVSS 5.4
CVE-2023-45247
HIGH
Acronis Agent < c23.10 - Unauthenticated Sensitive Information Disclosure and Manipulation
CVSS 7.1
CVE-2023-43700
HIGH
SICK APU0200 Firmware < 4.0.0.6 - Unauthenticated Data Modification via RDT400 HTTP Requests
CVSS 7.7
CVE-2023-5331
MEDIUM
Mattermost < 7.8.11 - Missing Authorization in Draft Post File Attachment
CVSS 4.3
CVE-2023-45370
MEDIUM
MediaWiki SportsTeams Extension <1.35.12, 1.36.x-1.39.x <1.39.5, 1.40.x <1.40.1 - Missing Authorization
CVSS 5.3
CVE-2023-40654
MEDIUM
FW-PackageManager - Privilege Escalation
CVSS 6.7
CVE-2023-40653
MEDIUM
FW-PackageManager - Privilege Escalation
CVSS 6.7
CVE-2023-40650
MEDIUM
Android - Local Information Disclosure via Missing Permission Check in Telecom Service
CVSS 5.5
CVE-2023-40649
MEDIUM
Android - Missing Authorization in Messaging
CVSS 5.5
CVE-2023-40648
MEDIUM
Google Android Messaging - Information Disclosure
CVSS 5.5
CVE-2023-40647
MEDIUM
Google Android Messaging - Information Disclosure
CVSS 5.5
CVE-2023-40646
MEDIUM
Android - Missing Authorization in Messaging
CVSS 5.5
CVE-2023-40645
MEDIUM
Google Android Messaging - Information Disclosure
CVSS 5.5
CVE-2023-40644
MEDIUM
Android - Missing Authorization in Messaging
CVSS 5.5
CVE-2023-40643
MEDIUM
Android - Missing Authorization in Messaging
CVSS 5.5
CVE-2023-40642
MEDIUM
Google Android Messaging - Information Disclosure
CVSS 5.5
CVE-2023-40641
MEDIUM
Google Android Messaging - Information Disclosure
CVSS 5.5
CVE-2023-40640
MEDIUM
Android - Missing Authorization in SoundRecorder Service
CVSS 5.5
CVE-2023-40639
MEDIUM
Android - Missing Authorization in SoundRecorder Service
CVSS 5.5
CVE-2023-40638
MEDIUM
Android - Missing Authorization in Telecom Service
CVSS 4.4
CVE-2023-40637
MEDIUM
Android - Local Information Disclosure via Missing Permission Check in Telecom Service
CVSS 5.5
CVE-2023-40636
MEDIUM
Android - Local Information Disclosure via Permission Usage Record Write
CVSS 4.4
CVE-2023-40635
HIGH
Android - Missing Authorization in linkturbo
CVSS 7.8
Details
Vulnerabilities
8,401
Exploit Likelihood
High