The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
8,402 vulnerabilities with CWE-862
CVE-2023-28675
MEDIUM
Jenkins OctoPerf Load Testing Plugin <4.5.2 - Privilege Escalation
CVSS 4.3
CVE-2023-28673
MEDIUM
Jenkins OctoPerf Load Testing Plugin <4.5.2 - Info Disclosure
CVSS 4.3
CVE-2023-28672
MEDIUM
Jenkins OctoPerf Load Testing Plugin <4.5.1 - Auth Bypass
CVSS 6.5
CVE-2023-1774
MEDIUM
Mattermost Server < 7.1.6 - Missing Authorization for Private Channel Email Invites
CVSS 4.2
CVE-2023-27701
HIGH
muyucms v2.2 - Arbitrary File Deletion via /database/sqldel.html
CVSS 8.1
CVE-2023-28640
MEDIUM
apiman < 3.1.0.Final - Authenticated Privilege Escalation via URL Guessing
CVSS 6.4
CVE-2023-0336
MEDIUM
OoohBoi Steroids for Elementor < 2.1.5 - Unauthenticated Attachment Deletion via CSRF and Broken Access Control
CVSS 6.5
CVE-2023-0335
MEDIUM
WP Shamsi < 4.3.3 - Missing Authorization and CSRF via Attachment Deletion
CVSS 6.5
CVE-2023-21029
MEDIUM
Android 13 - Missing Authorization in UidObserverController
CVSS 5.5
CVE-2023-21021
HIGH
Android - Missing Authorization in WifiServiceImpl
CVSS 7.8
CVE-2023-21015
HIGH
Android 13 - Missing Authorization in Transcode Permission Controller
CVSS 7.8
CVE-2023-21005
HIGH
Android 13 - Missing Authorization in Transcode Permission Controller
CVSS 7.8
CVE-2023-21004
HIGH
Android 13 - Missing Authorization in Transcode Permission Controller
CVSS 7.8
CVE-2023-21003
HIGH
Android 13 - Missing Authorization in Transcode Permission Controller
CVSS 7.8
CVE-2023-21002
HIGH
Android - Local Privilege Escalation via Transcode Permission Controller Bypass
CVSS 7.8
CVE-2023-21001
HIGH
Android 13 - Missing Authorization in NetworkProviderSettings
CVSS 7.8
CVE-2023-20959
HIGH
Android - Missing Authorization in AddSupervisedUserActivity
CVSS 7.8
CVE-2023-20955
HIGH
Android - Missing Authorization in AppInfoDashboardFragment
CVSS 7.8
CVE-2023-20926
MEDIUM
Android - Local Privilege Escalation via Factory Reset Protection Bypass
CVSS 6.8
CVE-2023-1262
HIGH
Silicon Labs Wi-SUN Linux Border Router Firmware <= 1.5.2 - Missing MAC Layer Security
CVSS 8.2
CVE-2023-1261
HIGH
Silicon Labs Wi-SUN SDK < 1.5.0 - Missing MAC Layer Security
CVSS 8.2
CVE-2023-0911
MEDIUM
Shortcodes Ultimate < 5.12.8 - Authenticated Arbitrary User Meta Retrieval via User Shortcode
CVSS 6.5
CVE-2023-0890
MEDIUM
Shortcodes Ultimate < 5.12.8 - Authenticated Missing Authorization via Shortcode Post Display
CVSS 6.5
CVE-2023-1299
HIGH
Nomad 1.5.0 - Privilege Escalation via Workload Identity and Task API
CVSS 7.4
CVE-2023-1296
LOW
HashiCorp Nomad 1.4.0-1.5.0 - Incorrect Access Control in Variable Deny Policies
CVSS 2.7
Details
Vulnerabilities
8,402
Exploit Likelihood
High