The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
8,401 vulnerabilities with CWE-862
CVE-2023-5165 | HIGH | CVSS 7.1 | Docker Desktop <4.23.0 - Auth Bypass
CVE-2023-41296 | CRITICAL | CVSS 9.1 | Kernel Module - Privilege Escalation
CVE-2023-43090 | MEDIUM | CVSS 5.5 | GNOME Shell 43-43.9 - Unauthenticated Information Disclosure via Lock Screen Screenshot Tool
CVE-2023-43135 | CRITICAL | CVSS 9.8 | TP-LINK ER5120G <4.0.2.0.0 - Info Disclosure
CVE-2023-43134 | CRITICAL | CVSS 9.8 | Netis 360RAC1200 <1.3.4517 - Info Disclosure
CVE-2023-43501 | MEDIUM | CVSS 6.5 | Jenkins Build Failure Analyzer Plugin <2.4.1 - SSRF
CVE-2023-5054 | MEDIUM | CVSS 5.8 | Super Store Finder <6.9.3 - Unauthenticated RCE
CVE-2023-0923 | HIGH | CVSS 8.8 | Red Hat OpenShift Data Science 1.22-1.22.1-3 - Missing Authorization in Jupyter API
CVE-2023-4948 | MEDIUM | CVSS 4.3 | WooCommerce CVR Payment Gateway <6.1.0 - Info Disclosure
CVE-2023-42469 | LOW | CVSS 3.3 | full_dialer <= 1.0.1 - Unauthenticated Phone Call Placement via Crafted Intent
CVE-2023-39073 | CRITICAL | CVSS 9.8 | SNMP Web Pro <1.1 - RCE, Info Disclosure
CVE-2023-40625 | MEDIUM | CVSS 5.4 | S4CORE Manage Purchase Contracts App - Privilege Escalation
CVE-2023-35677 | MEDIUM | CVSS 5.5 | Android - Missing Authorization in DeviceAdminAdd
CVE-2023-35665 | HIGH | CVSS 7.8 | Android - Missing Authorization for Contact Import
CVE-2023-36140 | CRITICAL | CVSS 9.8 | PHPJabbers Cleaning Business Software 1.0 - Info Disclosure
CVE-2023-4630 | MEDIUM | CVSS 5.0 | GitLab <16.1.5-16.2.5-16.3.1 - Info Disclosure
CVE-2023-4104 | MEDIUM | CVSS 5.5 | Mozilla VPN < 2.16.1 (Linux) - Unauthenticated VPN Configuration via D-Bus
CVE-2023-40040 | MEDIUM | CVSS 5.3 | MyCrops HiGrade 1.0.337 - Unauthenticated Camera Access via CameraActivity Component
CVE-2023-4792 | MEDIUM | CVSS 4.3 | Duplicate Post Page Menu & Custom Post Type <2.3.1 - Privilege Esca...
CVE-2023-41947 | MEDIUM | CVSS 4.3 | Jenkins Frugal Testing Plugin < 1.1 - Missing Authorization for Frugal Testing Connection
CVE-2023-41945 | HIGH | CVSS 8.8 | Jenkins Assembla Auth Plugin < 1.14 - Missing Authorization
CVE-2023-41943 | MEDIUM | CVSS 6.5 | Jenkins AWS CodeCommit Trigger Plugin < 3.0.12 - Missing Authorization in HTTP Endpoint
CVE-2023-41941 | MEDIUM | CVSS 4.3 | Jenkins AWS CodeCommit Trigger Plugin < 3.0.12 - Missing Authorization for Credential ID Enumeration
CVE-2023-41908 | MEDIUM | CVSS 5.3 | cerebrate < 1.15 - Missing Secure Attribute for Session Cookie
CVE-2023-4059 | MEDIUM | CVSS 4.3 | Profile Builder < 3.9.8 - Unauthenticated Missing Authorization and CSRF in Page Creation Function
Details
Vulnerabilities: 8,401
Exploit Likelihood: High