The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
8,402 vulnerabilities with CWE-862
CVE-2022-39086
MEDIUM
Network Service - Privilege Escalation
CVSS 6.7
CVE-2022-39085
MEDIUM
Network Service - Privilege Escalation
CVSS 6.7
CVE-2022-39084
MEDIUM
Network Service - Privilege Escalation
CVSS 6.7
CVE-2022-39083
MEDIUM
Network Service - Privilege Escalation
CVSS 6.7
CVE-2022-39082
MEDIUM
Network Service - Privilege Escalation
CVSS 6.7
CVE-2022-39081
MEDIUM
Network Service - Privilege Escalation
CVSS 6.7
CVE-2022-38684
MEDIUM
Android - Local Denial of Service via Missing Permission Check in Contacts Service
CVSS 5.5
CVE-2022-38683
MEDIUM
Android - Missing Authorization Leading to Local Denial of Service in Contacts Service
CVSS 5.5
CVE-2022-38682
MEDIUM
Android - Local Denial of Service via Missing Permission Check in Contacts Service
CVSS 5.5
CVE-2022-38678
MEDIUM
Android - Missing Authorization Leading to Local Denial of Service in Contacts Service
CVSS 5.5
CVE-2022-3911
HIGH
iubenda-cookie-law-solution < 3.3.3 - Authenticated Privilege Escalation via AJAX Action
CVSS 8.8
CVE-2022-45410
MEDIUM
Firefox < 107.0 and Firefox ESR < 102.5 - Missing Authorization via ServiceWorker FetchEvent
CVSS 6.5
CVE-2022-4124
MEDIUM
Popup Manager < 1.6.6 - Unauthenticated Popup Deletion via Missing Authorization
CVSS 4.3
CVE-2022-4024
MEDIUM
Registration Forms WP <3.8.1.3 - CSRF
CVSS 6.5
CVE-2022-3961
MEDIUM
Directorist < 7.4.4 - Unauthenticated Sensitive Information Exposure
CVSS 6.5
CVE-2022-26581
MEDIUM
PAX PayDroid 7.1.1_Virgo_V04.3.26T1_20210419 - Missing Authorization via ADB Daemon Binary Execution
CVSS 6.8
CVE-2022-20572
MEDIUM
Android Kernel - Missing Authorization in dm-verity-target.c
CVSS 6.7
CVE-2022-20556
LOW
Android 13 - Missing Authorization in NetworkProviderSettings
CVSS 3.3
CVE-2022-20547
HIGH
Android - Missing Authorization in AdapterService.java
CVSS 7.8
CVE-2022-20544
MEDIUM
Android 13 - Missing Authorization in ManageApplications.java
CVSS 4.4
CVE-2022-20537
LOW
Android 13 - Unauthenticated Local Privilege Escalation via WifiScanModeActivity Dialog
CVSS 3.3
CVE-2022-20536
LOW
Android - Missing Authorization in RcsService Broadcast Receiver
CVSS 3.3
CVE-2022-20533
LOW
Android 13 - Missing Authorization in WifiSlice getSlice
CVSS 3.3
CVE-2022-20529
LOW
Android - Local Privilege Escalation via WifiDialogActivity Logic Error
CVSS 2.4
CVE-2022-20522
HIGH
Android - Local Privilege Escalation via Missing Permission Check in ProviderModelSlice
CVSS 7.8
Details
Vulnerabilities
8,402
Exploit Likelihood
High