The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
8,401 vulnerabilities with CWE-862
CVE-2023-33908
MEDIUM
Android - Missing Authorization in IMS Service
CVSS 5.5
CVE-2023-33907
MEDIUM
Android - Local Information Disclosure via Missing Permission Check in Contacts Service
CVSS 5.5
CVE-2023-33906
MEDIUM
Android - Local Information Disclosure via Missing Permission Check in Contacts Service
CVSS 5.5
CVE-2023-38494
MEDIUM
MeterSphere <2.10.4 LTS - Info Disclosure
CVSS 5.9
CVE-2023-30950
MEDIUM
Palantir Foundry Campaigns Service - Information Disclosure
CVSS 6.5
CVE-2023-4124
MEDIUM
answer < 1.1.1 - Missing Authorization
CVSS 6.5
CVE-2023-3426
MEDIUM
Liferay Portal 7.4.3.81-7.4.3.85 and DXP 7.4 update 81-85 - Authenticated Missing Authorization in Organization Selector
CVSS 4.3
CVE-2023-38989
MEDIUM
jeesite <1.2.6 - Privilege Escalation
CVSS 4.3
CVE-2023-0958
MEDIUM
WordPress by Inisev - Privilege Escalation
CVSS 4.3
CVE-2023-38510
HIGH
Tolgee 3.14.0-3.23.0 - Missing Authorization via API Key Permission Bypass
CVSS 8.1
CVE-2023-3956
CRITICAL
InstaWP Connect <0.0.9.18 - Info Disclosure
CVSS 9.8
CVE-2023-3442
HIGH
Jenkins ServiceNow DevOps < 1.38.1 - Missing Authorization
CVSS 7.7
CVE-2023-37049
MEDIUM
emlog 2.1.9 - Arbitrary File Deletion via admin/template.php
CVSS 6.5
CVE-2023-26301
CRITICAL
HP LaserJet Pro - Privilege Escalation/Info Disclosure
CVSS 9.8
CVE-2023-3300
MEDIUM
HashiCorp Nomad <1.5.6-1.4.1 - Info Disclosure
CVSS 5.3
CVE-2023-3072
MEDIUM
HashiCorp Nomad <1.5.6-1.4.10 - Info Disclosure
CVSS 4.1
CVE-2023-33265
HIGH
Hazelcast <5.0.4, 5.1<5.1.6, 5.2<5.2.3 - Privilege Escalation
CVSS 8.8
CVE-2023-3714
HIGH
ProfileGrid <= 5.5.2 - Authenticated Missing Authorization in edit_group Handler
CVSS 7.5
CVE-2023-3713
HIGH
ProfileGrid < 5.5.1 - Authenticated Arbitrary Site Options Update via Missing Capability Check
CVSS 8.8
CVE-2023-3403
MEDIUM
ProfileGrid plugin <5.5.1 - Info Disclosure
CVSS 5.4
CVE-2023-3587
LOW
Mattermost 7.8.0-7.8.6 - Missing Authorization in Board Sharing
CVSS 2.7
CVE-2023-2268
HIGH
Plane 0.7.1 - Unauthenticated Arbitrary File Read
CVSS 7.1
CVE-2023-21257
HIGH
Android - Missing Authorization in InstallPackageHelper
CVSS 7.8
CVE-2023-21248
HIGH
Android - Missing Authorization in WifiScanningMainSwitchPreferenceController
CVSS 7.8
CVE-2023-21247
HIGH
Android - Local Privilege Escalation via Bluetooth Scanning Main Switch Preference Controller
CVSS 7.8
Details
Vulnerabilities
8,401
Exploit Likelihood
High