CWE-862

High likelihood

Missing Authorization

Parent: CWE-285 - Improper Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

8,402 vulnerabilities with CWE-862
CVE-2022-20519 LOW
Android - Missing Authorization in AddAppNetworksActivity
CVSS 3.3
CVE-2022-20511 MEDIUM
Android 13 - Unauthenticated Local Information Disclosure via DevicePolicyManagerService
CVSS 5.5
CVE-2022-20510 MEDIUM
Android 13 - Unauthenticated Local Information Disclosure via Notification Streaming Policy Bypass
CVSS 5.5
CVE-2022-20508 HIGH
Android 13 - Unauthenticated Local Privilege Escalation via WiFi Settings Permissions Bypass
CVSS 7.8
CVE-2022-20506 HIGH
Android 13 - Missing Authorization in WifiDialogActivity
CVSS 7.8
CVE-2022-20504 MEDIUM
Android 13 - Missing Authorization in DreamManagerService
CVSS 6.7
CVE-2022-20503 HIGH
Android 13 - Unauthenticated Local Privilege Escalation via WifiDppConfiguratorActivity
CVSS 7.8
CVE-2022-4555 MEDIUM
WP Shamsi < 4.1.0 - Unauthenticated Plugin Deactivation via Missing Capability Check
CVSS 6.5
CVE-2022-4501 HIGH
Mega Addons for WPBakery Page Builder <= 4.3.0 - Authenticated Authorization Bypass via vc_saving_data Function
CVSS 7.1
CVE-2022-4223 HIGH
pgAdmin 4 < 6.17 - Unauthenticated Remote Code Execution via External Utility Path Validation API
CVSS 8.8
CVE-2022-20240 LOW
Android - Missing Authorization in AppOpsManager.java
CVSS 2.3
CVE-2022-41272 CRITICAL
SAP NetWeaver PI <7.50 - Info Disclosure
CVSS 9.9
CVE-2022-41271 CRITICAL
SAP NetWeaver PI 7.50 - Info Disclosure
CVSS 9.4
CVE-2022-3999 HIGH
DPD Baltic Shipping WordPress Plugin < 1.2.57 - Authenticated Arbitrary Option Deletion via AJAX Action
CVSS 8.1
CVE-2022-3946 MEDIUM
Welcart e-Commerce < 2.8.4 - Authenticated Missing Authorization in AJAX Shipping Method Management
CVSS 6.5
CVE-2022-46158 MEDIUM
PrestaShop <1.7.8.8 - Info Disclosure
CVSS 5.3
CVE-2022-4366 HIGH
GitHub lirantal/daloradius <master - Info Disclosure
CVSS 7.5
CVE-2022-43581 HIGH
IBM Content Navigator <3.0.12 - Auth Bypass
CVSS 7.5
CVE-2022-42782 MEDIUM
Android - Local Information Disclosure via Missing Permission Check in WLAN Driver
CVSS 5.5
CVE-2022-42778 HIGH
Android - Missing Authorization in Window Manager Service
CVSS 7.8
CVE-2022-42777 HIGH
Android - Missing Authorization in Power Management Service
CVSS 7.8
CVE-2022-42776 HIGH
Android - Missing Authorization in UscAIEngine Service
CVSS 7.8
CVE-2022-42766 MEDIUM
Android - Missing Authorization in WLAN Driver
CVSS 5.5
CVE-2022-39102 HIGH
Power Management Service - Privilege Escalation
CVSS 7.8
CVE-2022-39101 HIGH
Power Management Service - Privilege Escalation
CVSS 7.8
Details
Vulnerabilities 8,402
Exploit Likelihood High