The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
8,402 vulnerabilities with CWE-862
CVE-2023-27462
LOW
RUGGEDCOM CROSSBOW < 5.3 - Authenticated Missing Authorization in Client Query Handler
CVSS 3.1
CVE-2023-27310
MEDIUM
RUGGEDCOM CROSSBOW <V5.2 - Privilege Escalation
CVSS 6.6
CVE-2023-27309
MEDIUM
RUGGEDCOM CROSSBOW <V5.2 - Privilege Escalation
CVSS 5.0
CVE-2023-1339
MEDIUM
Autoptimize <1.7.1 - Privilege Escalation
CVSS 4.3
CVE-2023-1338
MEDIUM
Autoptimize <1.7.1 - Privilege Escalation
CVSS 4.3
CVE-2023-1337
MEDIUM
RapidLoad Power-Up for Autoptimize <= 1.7.1 - Authenticated Data Loss via Missing Capability Check
CVSS 4.3
CVE-2023-1336
MEDIUM
Autoptimize <1.7.1 - Privilege Escalation
CVSS 4.3
CVE-2023-1335
MEDIUM
Autoptimize <1.7.1 - Privilege Escalation
CVSS 4.3
CVE-2023-1334
MEDIUM
Autoptimize <1.7.1 - Unauthorized Cache Modification
CVSS 4.3
CVE-2023-1333
MEDIUM
RapidLoad Power-Up for Autoptimize <= 1.7.1 - Authenticated Cache Deletion via Missing Capability Check
CVSS 4.3
CVE-2023-20064
MEDIUM
Cisco IOS XR < 7.9.1 - Unauthenticated Sensitive File Exposure via GRUB Bootloader Commands
CVSS 4.6
CVE-2023-26957
CRITICAL
onekeyadmin <1.3.9 - Path Traversal
CVSS 9.1
CVE-2023-25573
HIGH
metersphere < 1.20.19 - Unauthenticated Arbitrary File Download via /api/jmeter/download/files
CVSS 8.6
CVE-2023-22858
MEDIUM
BlogEngine.NET 3.3.8.0 - Info Disclosure
CVSS 5.3
CVE-2023-26510
MEDIUM
Ghost 5.35.0 - Missing Authorization for Draft Post Access
CVSS 5.7
CVE-2023-1114
CRITICAL
Eskom e-Belediye 1.0.0.95-1.0.0.100 - Missing Authorization
CVSS 9.8
CVE-2023-1027
MEDIUM
WP Meta SEO < 4.5.3 - Authenticated Missing Authorization via Sitemap Generation
CVSS 4.3
CVE-2023-1026
MEDIUM
WP Meta SEO <4.5.3 - Info Disclosure
CVSS 4.3
CVE-2023-1024
MEDIUM
WP Meta SEO < 4.5.3 - Authenticated Unauthorized Sitemap Generation via regenerateSitemaps Function
CVSS 4.3
CVE-2023-1023
MEDIUM
WP Meta SEO <= 4.5.3 - Authenticated Plugin Settings Update via Missing Capability Check
CVSS 5.4
CVE-2023-1022
MEDIUM
WP Meta SEO <4.5.3 - Privilege Escalation
CVSS 5.4
CVE-2023-27264
HIGH
Mattermost < 7.1.4 - Missing Authorization in Playbooks API
CVSS 7.1
CVE-2023-27263
MEDIUM
Mattermost < 7.1.4 - Missing Authorization in Playbooks API
CVSS 4.3
CVE-2023-26035
HIGH
ZoneMinder < 1.36.33 - Unauthenticated Remote Code Execution via Snapshot Action
CVSS 7.2
CVE-2023-23850
MEDIUM
Synopsys Jenkins Coverity Plugin <3.0.2 - Info Disclosure
CVSS 4.3
Details
Vulnerabilities
8,402
Exploit Likelihood
High