The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
8,401 vulnerabilities with CWE-862
CVE-2023-38445
MEDIUM
Android - Missing Authorization in vowifiservice
CVSS 5.5
CVE-2023-38444
HIGH
vowifiservice - Privilege Escalation
CVSS 7.8
CVE-2023-38443
HIGH
vowifiservice - Privilege Escalation
CVSS 7.8
CVE-2023-38442
MEDIUM
Android - Missing Authorization in vowifiservice
CVSS 5.5
CVE-2023-38441
MEDIUM
Android - Missing Authorization in vowifiservice
CVSS 5.5
CVE-2023-38440
MEDIUM
Android - Missing Authorization in vowifiservice
CVSS 5.5
CVE-2023-38439
MEDIUM
Android - Local Information Disclosure via Missing Permission Check in vowifiservice
CVSS 5.5
CVE-2023-38438
MEDIUM
Android - Missing Authorization in vowifiservice
CVSS 5.5
CVE-2023-38437
MEDIUM
Android - Local Information Disclosure via Missing Permission Check in vowifiservice
CVSS 5.5
CVE-2023-38436
MEDIUM
Android - Missing Authorization in vowifiservice
CVSS 5.5
CVE-2023-33918
MEDIUM
Android - Missing Authorization in vowifiservice
CVSS 5.5
CVE-2023-33917
MEDIUM
Android - Missing Authorization in vowifiservice
CVSS 5.5
CVE-2023-33916
MEDIUM
Android - Missing Authorization in vowifiservice
CVSS 5.5
CVE-2023-33915
HIGH
LTE Protocol Stack - Info Disclosure
CVSS 7.5
CVE-2023-41046
MEDIUM
XWiki 7.2-14.10.9 - Unauthenticated Velocity Code Execution via XClass TextArea Property
CVSS 6.3
CVE-2023-23763
MEDIUM
GitHub Enterprise Server 3.6.0-3.6.17 - Unauthorized Read Access via Fork Visibility Change
CVSS 5.3
CVE-2023-24674
HIGH
Bludit CMS <4.0.0 - Privilege Escalation
CVSS 7.8
CVE-2023-41750
MEDIUM
Acronis Agent < c23.03 - Unauthenticated Sensitive Information Disclosure
CVSS 5.5
CVE-2023-4245
MEDIUM
WooCommerce PDF Invoice Builder <1.2.89 - Info Disclosure
CVSS 4.3
CVE-2023-3999
MEDIUM
Waiting: One-click countdowns <= 0.6.2 - Authenticated Authorization Bypass via AJAX Calls
CVSS 6.3
CVE-2023-2353
MEDIUM
CHP Ads Block Detector <3.9.4 - Privilege Escalation
CVSS 4.3
CVE-2023-2174
MEDIUM
BadgeOS <= 3.7.1.6 - Authenticated Log Entry Deletion via Missing Capability Check
CVSS 4.3
CVE-2023-40530
MEDIUM
Skylark < 6.2.13 - Missing Authorization via Custom URL Scheme Handler
CVSS 4.7
CVE-2023-38508
MEDIUM
Tuleap <14.11.99.28 & <14.10-6 & <14.11-3 - Info Disclosure
CVSS 6.5
CVE-2023-4302
MEDIUM
Jenkins Fortify Plugin <22.1.38 - Open Redirect
CVSS 4.2
Details
Vulnerabilities
8,401
Exploit Likelihood
High