The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
8,401 vulnerabilities with CWE-862
CVE-2023-30925
MEDIUM
Android - Local Information Disclosure via Missing Permission Check in Opm Service
CVSS 5.5
CVE-2023-30924
MEDIUM
Android - Local Information Disclosure via Missing Permission Check in Messaging Service
CVSS 5.5
CVE-2023-30923
MEDIUM
Android - Local Information Disclosure via Missing Permission Check in Messaging Service
CVSS 5.5
CVE-2023-30922
MEDIUM
Android - Local Information Disclosure via Missing Permission Check in Messaging Service
CVSS 5.5
CVE-2023-30921
MEDIUM
Android - Local Information Disclosure via Missing Permission Check
CVSS 5.5
CVE-2023-30920
MEDIUM
Android - Local Information Disclosure via Missing Permission Check
CVSS 5.5
CVE-2023-30919
MEDIUM
Android - Local Information Disclosure via Missing Permission Check in Messaging Service
CVSS 5.5
CVE-2023-30918
MEDIUM
Android - Local Information Disclosure via Telephony Service Missing Permission Check
CVSS 5.5
CVE-2023-30917
HIGH
Android - Missing Authorization in DMService
CVSS 7.8
CVE-2023-30916
HIGH
Android - Missing Authorization in DMService
CVSS 7.8
CVE-2023-30913
MEDIUM
Android - Missing Authorization in Telephony Service
CVSS 5.5
CVE-2023-2869
MEDIUM
WP-Members Membership <3.4.7.3 - Privilege Escalation
CVSS 4.3
CVE-2023-2562
MEDIUM
Gallery Metabox < 1.5 - Unauthenticated Sensitive Data Exposure via refresh_metabox Function
CVSS 4.3
CVE-2023-2561
MEDIUM
The Gallery Metabox <1.5 - Info Disclosure
CVSS 4.3
CVE-2023-33992
MEDIUM
SAP Business Warehouse and SAP BW/4HANA - Missing Authorization in BICS Communication Layer
CVSS 4.5
CVE-2023-2078
HIGH
Buy Me a Coffee - Button and Widget Plugin <3.7 - Info Disclosure
CVSS 7.3
CVE-2023-3076
CRITICAL
WordPress MStore API <3.9.9 - Privilege Escalation
CVSS 9.8
CVE-2023-2796
MEDIUM
EventON < 2.1.2 - Unauthenticated Insecure Direct Object Reference via eventon_ics_download AJAX Action
CVSS 5.3
CVE-2023-20899
HIGH
VMware SD-WAN Edge Firmware 4.5.0-4.5.1 - Unauthenticated Diagnostic Bundle Download
CVSS 7.5
CVE-2023-30195
HIGH
lgdetailedorder < 1.1.21 - Unauthenticated Personal Information Exposure via JSON Download
CVSS 7.5
CVE-2023-35937
MEDIUM
Metersphere <2.10.2 LTS - Privilege Escalation
CVSS 6.0
CVE-2023-35940
HIGH
GLPI 9.5.0-10.0.8 - Unauthenticated Dashboard Data Access via Incorrect Rights Check
CVSS 7.5
CVE-2023-36624
HIGH
Loxone Miniserver Go Gen.2-14.0.3.28 - Privilege Escalation
CVSS 7.8
CVE-2023-3482
MEDIUM
Firefox < 115.0 - Unauthenticated LocalStorage Data Storage via about:blank Iframe
CVSS 6.5
CVE-2023-20773
HIGH
Android - Missing Authorization Leading to Local Privilege Escalation
CVSS 7.8
Details
Vulnerabilities
8,401
Exploit Likelihood
High