CWE-862

High likelihood

Missing Authorization

Parent: CWE-285 - Improper Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

8,401 vulnerabilities with CWE-862
CVE-2023-38445 MEDIUM
Android - Missing Authorization in vowifiservice
CVSS 5.5
CVE-2023-38444 HIGH
vowifiservice - Privilege Escalation
CVSS 7.8
CVE-2023-38443 HIGH
vowifiservice - Privilege Escalation
CVSS 7.8
CVE-2023-38442 MEDIUM
Android - Missing Authorization in vowifiservice
CVSS 5.5
CVE-2023-38441 MEDIUM
Android - Missing Authorization in vowifiservice
CVSS 5.5
CVE-2023-38440 MEDIUM
Android - Missing Authorization in vowifiservice
CVSS 5.5
CVE-2023-38439 MEDIUM
Android - Local Information Disclosure via Missing Permission Check in vowifiservice
CVSS 5.5
CVE-2023-38438 MEDIUM
Android - Missing Authorization in vowifiservice
CVSS 5.5
CVE-2023-38437 MEDIUM
Android - Local Information Disclosure via Missing Permission Check in vowifiservice
CVSS 5.5
CVE-2023-38436 MEDIUM
Android - Missing Authorization in vowifiservice
CVSS 5.5
CVE-2023-33918 MEDIUM
Android - Missing Authorization in vowifiservice
CVSS 5.5
CVE-2023-33917 MEDIUM
Android - Missing Authorization in vowifiservice
CVSS 5.5
CVE-2023-33916 MEDIUM
Android - Missing Authorization in vowifiservice
CVSS 5.5
CVE-2023-33915 HIGH
LTE Protocol Stack - Info Disclosure
CVSS 7.5
CVE-2023-41046 MEDIUM
XWiki 7.2-14.10.9 - Unauthenticated Velocity Code Execution via XClass TextArea Property
CVSS 6.3
CVE-2023-23763 MEDIUM
GitHub Enterprise Server 3.6.0-3.6.17 - Unauthorized Read Access via Fork Visibility Change
CVSS 5.3
CVE-2023-24674 HIGH
Bludit CMS <4.0.0 - Privilege Escalation
CVSS 7.8
CVE-2023-41750 MEDIUM
Acronis Agent < c23.03 - Unauthenticated Sensitive Information Disclosure
CVSS 5.5
CVE-2023-4245 MEDIUM
WooCommerce PDF Invoice Builder <1.2.89 - Info Disclosure
CVSS 4.3
CVE-2023-3999 MEDIUM
Waiting: One-click countdowns <= 0.6.2 - Authenticated Authorization Bypass via AJAX Calls
CVSS 6.3
CVE-2023-2353 MEDIUM
CHP Ads Block Detector <3.9.4 - Privilege Escalation
CVSS 4.3
CVE-2023-2174 MEDIUM
BadgeOS <= 3.7.1.6 - Authenticated Log Entry Deletion via Missing Capability Check
CVSS 4.3
CVE-2023-40530 MEDIUM
Skylark < 6.2.13 - Missing Authorization via Custom URL Scheme Handler
CVSS 4.7
CVE-2023-38508 MEDIUM
Tuleap <14.11.99.28 & <14.10-6 & <14.11-3 - Info Disclosure
CVSS 6.5
CVE-2023-4302 MEDIUM
Jenkins Fortify Plugin <22.1.38 - Open Redirect
CVSS 4.2
Details
Vulnerabilities 8,401
Exploit Likelihood High