The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
8,402 vulnerabilities with CWE-862
CVE-2023-24453
MEDIUM
Jenkins TestQuality Updater Plugin <1.3 - Open Redirect
CVSS 6.5
CVE-2023-24451
MEDIUM
Jenkins Cisco Spark Notifier Plugin <1.1.1 - Info Disclosure
CVSS 4.3
CVE-2023-24448
MEDIUM
Jenkins RabbitMQ Consumer Plugin <2.8 - Privilege Escalation
CVSS 6.5
CVE-2023-24438
MEDIUM
Jenkins JIRA Pipeline Steps Plugin <2.0.165.v8846cf59f3db - SSRF
CVSS 6.5
CVE-2023-24436
MEDIUM
Jenkins GitHub Pull Request Builder Plugin <1.42.2 - Info Disclosure
CVSS 4.3
CVE-2023-24435
MEDIUM
Jenkins GitHub Pull Request Builder Plugin <1.42.2 - SSRF
CVSS 6.5
CVE-2023-24433
MEDIUM
Jenkins Orka by MacStadium Plugin <1.31 - Privilege Escalation
CVSS 6.5
CVE-2023-24431
MEDIUM
Jenkins Orka by MacStadium Plugin <1.31 - Info Disclosure
CVSS 4.3
CVE-2023-23611
MEDIUM
xblock-lti-consumer 7.0.0-7.2.1 - Missing Authorization via resource_link_id Field
CVSS 5.4
CVE-2023-22736
HIGH
Argo CD 2.5.0-2.5.7 and 2.6.0-rc4 - Missing Authorization via Sharded Application Controller
CVSS 8.5
CVE-2023-20916
HIGH
Android - Missing Authorization Check in LauncherAppsService
CVSS 7.8
CVE-2023-20912
HIGH
Android 13 - Missing Authorization in AvatarPickerActivity
CVSS 7.8
CVE-2023-0447
MEDIUM
My YouTube Channel <3.0.12.1 - Auth Bypass
CVSS 4.3
CVE-2023-0404
MEDIUM
Events Made Easy <= 2.3.16 - Authenticated Authorization Bypass via AJAX Functions
CVSS 5.4
CVE-2023-0402
MEDIUM
Social Warfare <4.3.0 - Auth Bypass
CVSS 5.4
CVE-2023-0242
HIGH
Rapid7 Velociraptor - Privilege Escalation
CVSS 8.8
CVE-2023-22478
HIGH
KubePi < 1.6.4 - Missing Authorization
CVSS 7.3
CVE-2023-0293
MEDIUM
Mediamatic - Media Library Folders <2.8.1 - Auth Bypass
CVSS 4.3
CVE-2023-22489
LOW
Flarum 1.3.0-1.6.2 - Missing Authorization for Discussion Replies via REST API
CVSS 3.5
CVE-2023-22488
MEDIUM
Flarum < 1.6.3 - Missing Authorization in Notification-Sending Component
CVSS 6.8
CVE-2022-45813
MEDIUM
WordPress Advanced AJAX Product Filters plugin <= 1.6.3.3 - Broken Access Control + CSRF
CVSS 5.4
CVE-2022-42479
MEDIUM
WordPress Soledad premium theme <= 8.2.5 - Broken Access Control vulnerability
CVSS 5.4
CVE-2022-41656
MEDIUM
WordPress Account Manager for WooCommerce plugin <= 2.1.2 - Broken Access Control vulnerability
CVSS 4.3
CVE-2022-41650
MEDIUM
Custom Content by Country <3.1.2 - Auth Bypass
CVSS 6.5
CVE-2022-47425
MEDIUM
ARMember <= 3.4.10 - Missing Authorization
CVSS 4.3
Details
Vulnerabilities
8,402
Exploit Likelihood
High