The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
8,402 vulnerabilities with CWE-862
CVE-2022-20519
LOW
Android - Missing Authorization in AddAppNetworksActivity
CVSS 3.3
CVE-2022-20511
MEDIUM
Android 13 - Unauthenticated Local Information Disclosure via DevicePolicyManagerService
CVSS 5.5
CVE-2022-20510
MEDIUM
Android 13 - Unauthenticated Local Information Disclosure via Notification Streaming Policy Bypass
CVSS 5.5
CVE-2022-20508
HIGH
Android 13 - Unauthenticated Local Privilege Escalation via WiFi Settings Permissions Bypass
CVSS 7.8
CVE-2022-20506
HIGH
Android 13 - Missing Authorization in WifiDialogActivity
CVSS 7.8
CVE-2022-20504
MEDIUM
Android 13 - Missing Authorization in DreamManagerService
CVSS 6.7
CVE-2022-20503
HIGH
Android 13 - Unauthenticated Local Privilege Escalation via WifiDppConfiguratorActivity
CVSS 7.8
CVE-2022-4555
MEDIUM
WP Shamsi < 4.1.0 - Unauthenticated Plugin Deactivation via Missing Capability Check
CVSS 6.5
CVE-2022-4501
HIGH
Mega Addons for WPBakery Page Builder <= 4.3.0 - Authenticated Authorization Bypass via vc_saving_data Function
CVSS 7.1
CVE-2022-4223
HIGH
pgAdmin 4 < 6.17 - Unauthenticated Remote Code Execution via External Utility Path Validation API
CVSS 8.8
CVE-2022-20240
LOW
Android - Missing Authorization in AppOpsManager.java
CVSS 2.3
CVE-2022-41272
CRITICAL
SAP NetWeaver PI <7.50 - Info Disclosure
CVSS 9.9
CVE-2022-41271
CRITICAL
SAP NetWeaver PI 7.50 - Info Disclosure
CVSS 9.4
CVE-2022-3999
HIGH
DPD Baltic Shipping WordPress Plugin < 1.2.57 - Authenticated Arbitrary Option Deletion via AJAX Action
CVSS 8.1
CVE-2022-3946
MEDIUM
Welcart e-Commerce < 2.8.4 - Authenticated Missing Authorization in AJAX Shipping Method Management
CVSS 6.5
CVE-2022-46158
MEDIUM
PrestaShop <1.7.8.8 - Info Disclosure
CVSS 5.3
CVE-2022-4366
HIGH
GitHub lirantal/daloradius <master - Info Disclosure
CVSS 7.5
CVE-2022-43581
HIGH
IBM Content Navigator <3.0.12 - Auth Bypass
CVSS 7.5
CVE-2022-42782
MEDIUM
Android - Local Information Disclosure via Missing Permission Check in WLAN Driver
CVSS 5.5
CVE-2022-42778
HIGH
Android - Missing Authorization in Window Manager Service
CVSS 7.8
CVE-2022-42777
HIGH
Android - Missing Authorization in Power Management Service
CVSS 7.8
CVE-2022-42776
HIGH
Android - Missing Authorization in UscAIEngine Service
CVSS 7.8
CVE-2022-42766
MEDIUM
Android - Missing Authorization in WLAN Driver
CVSS 5.5
CVE-2022-39102
HIGH
Power Management Service - Privilege Escalation
CVSS 7.8
CVE-2022-39101
HIGH
Power Management Service - Privilege Escalation
CVSS 7.8
Details
Vulnerabilities
8,402
Exploit Likelihood
High