CWE-862

High likelihood

Missing Authorization

Parent: CWE-285 - Improper Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

8,401 vulnerabilities with CWE-862
CVE-2023-30925 MEDIUM
Android - Local Information Disclosure via Missing Permission Check in Opm Service
CVSS 5.5
CVE-2023-30924 MEDIUM
Android - Local Information Disclosure via Missing Permission Check in Messaging Service
CVSS 5.5
CVE-2023-30923 MEDIUM
Android - Local Information Disclosure via Missing Permission Check in Messaging Service
CVSS 5.5
CVE-2023-30922 MEDIUM
Android - Local Information Disclosure via Missing Permission Check in Messaging Service
CVSS 5.5
CVE-2023-30921 MEDIUM
Android - Local Information Disclosure via Missing Permission Check
CVSS 5.5
CVE-2023-30920 MEDIUM
Android - Local Information Disclosure via Missing Permission Check
CVSS 5.5
CVE-2023-30919 MEDIUM
Android - Local Information Disclosure via Missing Permission Check in Messaging Service
CVSS 5.5
CVE-2023-30918 MEDIUM
Android - Local Information Disclosure via Telephony Service Missing Permission Check
CVSS 5.5
CVE-2023-30917 HIGH
Android - Missing Authorization in DMService
CVSS 7.8
CVE-2023-30916 HIGH
Android - Missing Authorization in DMService
CVSS 7.8
CVE-2023-30913 MEDIUM
Android - Missing Authorization in Telephony Service
CVSS 5.5
CVE-2023-2869 MEDIUM
WP-Members Membership <3.4.7.3 - Privilege Escalation
CVSS 4.3
CVE-2023-2562 MEDIUM
Gallery Metabox < 1.5 - Unauthenticated Sensitive Data Exposure via refresh_metabox Function
CVSS 4.3
CVE-2023-2561 MEDIUM
The Gallery Metabox <1.5 - Info Disclosure
CVSS 4.3
CVE-2023-33992 MEDIUM
SAP Business Warehouse and SAP BW/4HANA - Missing Authorization in BICS Communication Layer
CVSS 4.5
CVE-2023-2078 HIGH
Buy Me a Coffee - Button and Widget Plugin <3.7 - Info Disclosure
CVSS 7.3
CVE-2023-3076 CRITICAL
WordPress MStore API <3.9.9 - Privilege Escalation
CVSS 9.8
CVE-2023-2796 MEDIUM
EventON < 2.1.2 - Unauthenticated Insecure Direct Object Reference via eventon_ics_download AJAX Action
CVSS 5.3
CVE-2023-20899 HIGH
VMware SD-WAN Edge Firmware 4.5.0-4.5.1 - Unauthenticated Diagnostic Bundle Download
CVSS 7.5
CVE-2023-30195 HIGH
lgdetailedorder < 1.1.21 - Unauthenticated Personal Information Exposure via JSON Download
CVSS 7.5
CVE-2023-35937 MEDIUM
Metersphere <2.10.2 LTS - Privilege Escalation
CVSS 6.0
CVE-2023-35940 HIGH
GLPI 9.5.0-10.0.8 - Unauthenticated Dashboard Data Access via Incorrect Rights Check
CVSS 7.5
CVE-2023-36624 HIGH
Loxone Miniserver Go Gen.2-14.0.3.28 - Privilege Escalation
CVSS 7.8
CVE-2023-3482 MEDIUM
Firefox < 115.0 - Unauthenticated LocalStorage Data Storage via about:blank Iframe
CVSS 6.5
CVE-2023-20773 HIGH
Android - Missing Authorization Leading to Local Privilege Escalation
CVSS 7.8
Details
Vulnerabilities 8,401
Exploit Likelihood High