The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
8,401 vulnerabilities with CWE-862
CVE-2023-4434
MEDIUM
hamza417/inure < build88 - Missing Authorization
CVSS 6.1
CVE-2023-3244
MEDIUM
Comments Like Dislike <1.1.9 - Info Disclosure
CVSS 4.3
CVE-2023-40344
MEDIUM
Jenkins Delphix Plugin < 3.0.2 - Credential ID Enumeration via Missing Permission Check
CVSS 4.3
CVE-2023-39507
MEDIUM
Rikunabi NEXT < 11.5.0 - Unauthenticated Arbitrary Website Access via Custom URL Scheme Handler
CVSS 6.1
CVE-2023-4374
MEDIUM
WP Remote Users Sync <1.2.11 - Info Disclosure
CVSS 4.3
CVE-2023-40027
LOW
Keystone < 5.5.1 - Unauthenticated Admin Meta Data Exposure via GraphQL Query
CVSS 3.7
CVE-2023-39438
HIGH
SAP Contributor License Agreement Assistant < 2.13.1 - Authenticated Missing Authorization
CVSS 8.1
CVE-2023-21288
MEDIUM
Android - Missing Authorization in Notification URI Handling
CVSS 5.5
CVE-2023-21234
MEDIUM
Android - Missing Authorization in ChooseLockSettingsHelper
CVSS 5.5
CVE-2023-21140
MEDIUM
Android - Local Privilege Escalation via Missing Permission Check in ManagePermissionsActivity
CVSS 6.8
CVE-2023-21134
MEDIUM
Android - Local Privilege Escalation via Missing Permission Check in ManagePermissionsActivity
CVSS 6.8
CVE-2023-21133
MEDIUM
Android - Local Privilege Escalation via Missing Permission Check in ManagePermissionsActivity
CVSS 6.8
CVE-2023-21132
MEDIUM
Android - Local Privilege Escalation via Missing Permission Check in ManagePermissionsActivity
CVSS 6.8
CVE-2023-4106
MEDIUM
Mattermost 7.8.0-7.8.7 and 7.9.0-7.9.5 - Missing Authorization for Public Playbook Actions
CVSS 6.3
CVE-2023-4105
LOW
Mattermost 7.8.0-7.8.7 and 7.9.0-7.9.5 - Missing Authorization for Deleted Message Attachments
CVSS 3.1
CVE-2023-39966
HIGH
1Panel 1.4.3-<1.5.0 - Unauthenticated Arbitrary File Write via SaveContent Function
CVSS 7.5
CVE-2023-40216
MEDIUM
OpenBSD 7.3 - Denial of Service via Crafted DCS or CSI Terminal Escape Sequences
CVSS 5.5
CVE-2023-4282
MEDIUM
EmbedPress <3.8.2 - Info Disclosure
CVSS 5.4
CVE-2023-37862
HIGH
Phoenixcontact WP 6070-wvps Firmware < 4.0.10 - Missing Authorization
CVSS 8.2
CVE-2023-37860
HIGH
PHOENIX CONTACT WP 6xxx Series Firmware < 4.0.10 - Unauthenticated SNMP Community String Exposure
CVSS 7.5
CVE-2023-37492
MEDIUM
SAP NetWeaver Application Server ABAP - Missing Authorization Checks
CVSS 4.9
CVE-2023-33912
MEDIUM
Android - Local Information Disclosure via Contacts Service Missing Permission Check
CVSS 5.5
CVE-2023-33911
MEDIUM
Android - Local Information Disclosure via Missing Permission Check in VoWiFi Service
CVSS 5.5
CVE-2023-33910
MEDIUM
Contacts Service - Info Disclosure
CVSS 5.5
CVE-2023-33909
MEDIUM
Android - Missing Authorization in Contacts Service
CVSS 5.5
Details
Vulnerabilities
8,401
Exploit Likelihood
High