The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
8,401 vulnerabilities with CWE-862
CVE-2023-40634
HIGH
Phasechecksercer - Privilege Escalation
CVSS 7.8
CVE-2023-40633
MEDIUM
Android - Unauthenticated Local Information Disclosure via Phasecheckserver Missing Permission Check
CVSS 5.5
CVE-2023-40631
MEDIUM
Android - Missing Authorization in Dialer
CVSS 4.4
CVE-2023-21291
MEDIUM
Android - Local Information Disclosure via Notification URI Handling
CVSS 5.5
CVE-2023-21244
MEDIUM
Android - Missing Authorization in Notification.java visitUris
CVSS 6.7
CVE-2023-45246
HIGH
Acronis Agent < c23.09 - Unauthenticated Sensitive Information Disclosure and Manipulation
CVSS 7.1
CVE-2023-4469
MEDIUM
BestWebSoft plugin <1.2.7 - Info Disclosure
CVSS 5.3
CVE-2023-45245
MEDIUM
Acronis Agent < c23.08 - Unauthenticated Sensitive Information Disclosure
CVSS 5.5
CVE-2023-45244
HIGH
Acronis Agent < c23.07 - Sensitive Information Disclosure and Manipulation
CVSS 7.1
CVE-2023-45243
MEDIUM
Acronis Agent < c23.06 - Unauthenticated Sensitive Information Disclosure
CVSS 5.5
CVE-2023-45242
MEDIUM
Acronis Agent < c23.06 - Unauthenticated Sensitive Information Disclosure
CVSS 5.5
CVE-2023-45240
MEDIUM
Acronis Agent < c23.06 - Unauthenticated Sensitive Information Disclosure
CVSS 5.5
CVE-2023-44214
MEDIUM
Acronis Agent < c23.06 - Unauthenticated Sensitive Information Disclosure
CVSS 5.5
CVE-2023-44212
HIGH
Acronis Agent < c23.01 - Sensitive Information Disclosure and Manipulation
CVSS 7.1
CVE-2023-44211
HIGH
Acronis Agent < c23.02 - Sensitive Information Disclosure and Manipulation
CVSS 7.1
CVE-2023-44210
MEDIUM
Acronis Cyber Protect Cloud Agent and Acronis Cyber Protect 17 - Sensitive Information Disclosure and Manipulation
CVSS 5.5
CVE-2023-40376
MEDIUM
IBM UrbanCode Deploy 7.1-7.1.2.12, 7.2-7.2.3.5, 7.3-7.3.2.0 - Authenticated Environment Variable Modification
CVSS 5.3
CVE-2023-44208
CRITICAL
Acronis Cyber Protect Home Office < 40713 & True Image OEM < 42575 - Unauthenticated Info Disclosure & Manipulation
CVSS 9.1
CVE-2023-3213
MEDIUM
WP Mail SMTP Pro <3.8.0 - Info Disclosure
CVSS 5.3
CVE-2023-3770
MEDIUM
ingepac DA3451 Firmware - Unauthenticated Information Disclosure via Discovery Port Protocol
CVSS 5.3
CVE-2023-5321
MEDIUM
hamza417/inure - Missing Authorization
CVSS 5.5
CVE-2023-2233
LOW
GitLab 11.8-16.2.7, 16.3-16.3.4, 16.4 - Missing Authorization for Sentry Project Leak
CVSS 3.1
CVE-2023-43652
HIGH
JumpServer 2.0.0-2.28.19 - Unauthenticated Authentication Bypass via SSH Public Key
CVSS 8.2
CVE-2023-20252
CRITICAL
Cisco Catalyst SD-WAN Manager Software - Auth Bypass
CVSS 9.8
CVE-2023-0456
HIGH
APICast < 2.12.2 - Missing Authorization via OIDC Token Realm Mismatch
CVSS 7.4
Details
Vulnerabilities
8,401
Exploit Likelihood
High