The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
8,402 vulnerabilities with CWE-862
CVE-2023-23848
MEDIUM
Synopsys Jenkins Coverity Plugin <3.0.2 - Privilege Escalation
CVSS 4.3
CVE-2023-25768
MEDIUM
Jenkins Azure Credentials Plugin < 254.v64da_8176c83a - Missing Authorization
CVSS 6.5
CVE-2023-25766
MEDIUM
Jenkins Azure Credentials Plugin < 254.v64da_8176c83a - Missing Authorization for Credential ID Enumeration
CVSS 4.3
CVE-2023-24528
MEDIUM
SAP Fiori apps for Travel Management <600 - Info Disclosure
CVSS 6.5
CVE-2023-24524
MEDIUM
SAP S/4 HANA - Privilege Escalation
CVSS 6.5
CVE-2023-23854
LOW
SAP NetWeaver Application Server for ABAP and ABAP Platform - Privi...
CVSS 3.8
CVE-2023-0019
MEDIUM
SAP GRC - Confidential Data Exposure
CVSS 6.5
CVE-2023-21450
LOW
Samsung One Hand Operation + < 6.1.21 - Unauthenticated Widget Access via Gesture Setting
CVSS 2.3
CVE-2023-0720
MEDIUM
Wicked Folders < 2.18.16 - Authenticated Authorization Bypass via ajax_save_folder_order
CVSS 5.4
CVE-2023-0717
MEDIUM
Wicked Folders <2.18.16 - Auth Bypass
CVSS 5.4
CVE-2023-0716
MEDIUM
Wicked Folders <2.18.16 - Auth Bypass
CVSS 5.4
CVE-2023-0715
MEDIUM
Wicked Folders <2.18.16 - Auth Bypass
CVSS 5.4
CVE-2023-0711
MEDIUM
Wicked Folders <2.18.16 - Auth Bypass
CVSS 5.4
CVE-2023-0684
MEDIUM
Wicked Folders <2.18.16 - Auth Bypass
CVSS 5.4
CVE-2023-0718
MEDIUM
Wicked Folders <2.18.16 - Auth Bypass
CVSS 5.4
CVE-2023-0719
MEDIUM
Wicked Folders <2.18.16 - Auth Bypass
CVSS 5.4
CVE-2023-0712
MEDIUM
Wicked Folders <2.18.16 - Auth Bypass
CVSS 5.4
CVE-2023-0713
MEDIUM
Wicked Folders < 2.18.16 - Authenticated Authorization Bypass via ajax_add_folder Function
CVSS 5.4
CVE-2023-0678
MEDIUM
phpipam < 1.5.1 - Missing Authorization
CVSS 5.3
CVE-2023-25014
HIGH
femanager < 5.5.3, 6.x < 6.3.4, 7.x < 7.1.0 - Unauthenticated Frontend User Deletion via InvitationController
CVSS 8.6
CVE-2023-0619
MEDIUM
Kraken.io Image Optimizer <2.6.8 - Auth Bypass
CVSS 6.5
CVE-2023-22737
MEDIUM
wire-server < 2022-12-09 - Unauthenticated Bot Removal via Missing Permissions Check
CVSS 6.5
CVE-2023-0556
CRITICAL
ContentStudio < 1.2.5 - Unauthenticated Authorization Bypass via Missing Capability Check
CVSS 9.8
CVE-2023-0555
HIGH
Quick Restaurant Menu <2.0.2 - Auth Bypass
CVSS 8.1
CVE-2023-24459
MEDIUM
Jenkins BearyChat Plugin <3.0.2 - CSRF
CVSS 6.5
Details
Vulnerabilities: 8,402
Exploit Likelihood: High