The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
8,401 vulnerabilities with CWE-862
CVE-2023-1414
MEDIUM
WP VR <8.3.0 - CSRF
CVSS 4.3
CVE-2023-2193
MEDIUM
Mattermost - Missing Authorization via OAuth2 App Deauthorization
CVSS 6.5
CVE-2023-21094
HIGH
Android - Missing Authorization in LayerState.cpp
CVSS 7.8
CVE-2023-21091
MEDIUM
Android 13 - Unauthenticated Denial of Service via AppLocalePickerActivity Locale Change
CVSS 5.5
CVE-2023-20909
MEDIUM
Android - Missing Authorization in RunningTasks.java
CVSS 5.5
CVE-2023-25552
HIGH
StruxureWare Data Center Expert < 7.9.2 - Missing Authorization via Device File Transfer Settings
CVSS 8.1
CVE-2023-1371
MEDIUM
W4 Post List < 2.4.6 - Authenticated Missing Authorization for Password-Protected Posts
CVSS 6.5
CVE-2023-29529
MEDIUM
matrix-js-sdk < 24.1.0 - Unauthenticated Eavesdropping via MSC3401 Group Call Implementation
CVSS 5.0
CVE-2023-30532
MEDIUM
Jenkins TurboScript < 1.3 - Missing Authorization for Build Triggering
CVSS 6.5
CVE-2023-30526
MEDIUM
Jenkins Report Portal Plugin < 0.5 - Missing Authorization for URL Connection with Bearer Token
CVSS 6.5
CVE-2023-30522
MEDIUM
Jenkins Fogbugz Plugin < 2.2.17 - Missing Authorization via Jobname Parameter
CVSS 4.3
CVE-2023-30521
MEDIUM
Jenkins Assembla Merge Request Builder < 1.1.13 - Unauthenticated Build Triggering
CVSS 5.3
CVE-2023-30519
MEDIUM
Jenkins Quay.io trigger Plugin 0.1 - Unauthenticated Missing Authorization
CVSS 5.3
CVE-2023-30518
MEDIUM
Jenkins Thycotic Secret Server Plugin < 1.0.2 - Missing Authorization for Credential ID Enumeration
CVSS 4.3
CVE-2023-1903
MEDIUM
SAP HCM Fiori App My Forms <605 - Info Disclosure
CVSS 4.3
CVE-2023-1931
MEDIUM
WP Fastest Cache <1.1.2 - Info Disclosure
CVSS 4.3
CVE-2023-1930
MEDIUM
WP Fastest Cache <1.1.2 - Info Disclosure
CVSS 4.3
CVE-2023-1929
MEDIUM
WP Fastest Cache <1.1.2 - Privilege Escalation
CVSS 4.3
CVE-2023-1928
MEDIUM
WP Fastest Cache <1.1.2 - Info Disclosure
CVSS 4.3
CVE-2023-1167
MEDIUM
GitLab 12.3.0-15.8.4, 15.9.0-15.9.3, 15.10.0 - Unauthenticated Security Report Access in Merge Requests
CVSS 5.3
CVE-2023-1782
CRITICAL
HashiCorp Nomad <1.5.3 - Auth Bypass
CVSS 9.9
CVE-2023-1868
MEDIUM
YourChannel <1.2.3 - Info Disclosure
CVSS 6.5
CVE-2023-1865
MEDIUM
YourChannel WordPress <1.2.3 - Info Disclosure
CVSS 6.5
CVE-2023-26269
HIGH
Apache James <3.7.3 - Privilege Escalation
CVSS 7.8
CVE-2023-28675
MEDIUM
Jenkins OctoPerf Load Testing Plugin <4.5.2 - Privilege Escalation
CVSS 4.3
Details
Vulnerabilities
8,401
Exploit Likelihood
High