The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
8,403 vulnerabilities with CWE-862
CVE-2022-3320
MEDIUM
Cloudflare WARP < 2022.8.857.0 - Policy Bypass via Custom Endpoint Disconnect
CVSS 6.7
CVE-2022-24669
MEDIUM
Forgerock Access Management - Information Disclosure
CVSS 6.5
CVE-2022-39329
LOW
Nextcloud Server and Nextcloud Enterprise Server < 23.0.9 - Unauthenticated Information Exposure
CVSS 3.5
CVE-2022-39340
MEDIUM
OpenFGA < 0.2.4 - Unauthenticated Information Disclosure via streamed-list-objects Endpoint
CVSS 5.3
CVE-2022-41797
MEDIUM
Lemon8 < 3.3.5 - Missing Authorization in Custom URL Scheme Handler
CVSS 6.5
CVE-2022-26423
HIGH
Aethon TUG Home Base Server <24 - Info Disclosure
CVSS 8.2
CVE-2022-1070
HIGH
Aethon TUG Home Base Server < 24 - Unauthenticated Access to Hashed User Credentials
CVSS 8.2
CVE-2022-1066
HIGH
Aethon TUG Home Base Server < 24 - Unauthenticated Access to Hashed User Credentials
CVSS 8.2
CVE-2022-43431
MEDIUM
Jenkins Compuware Strobe Measurement Plugin <1.0.1 - Info Disclosure
CVSS 4.3
CVE-2022-43427
MEDIUM
Jenkins Compuware Topaz for Total Test Plugin <2.4.8 - Info Disclosure
CVSS 4.3
CVE-2022-43421
MEDIUM
Jenkins Tuleap Git Branch Source Plugin <3.2.4 - Info Disclosure
CVSS 5.3
CVE-2022-43417
MEDIUM
Jenkins Katalon Plugin <1.0.32 - Open Redirect
CVSS 4.3
CVE-2022-43413
MEDIUM
Jenkins Job Import Plugin <3.5 - Info Disclosure
CVSS 4.3
CVE-2022-39233
MEDIUM
Tuleap 12.9.99.228-14.0.99.24 - Authenticated Missing Authorization via GitLab Repository REST Endpoint
CVSS 4.3
CVE-2022-3244
MEDIUM
WordPress Plugin <6.5.8 - Auth Bypass
CVSS 4.2
CVE-2022-3082
MEDIUM
miniOrange Discord Integration <2.1.6 - CSRF
CVSS 6.5
CVE-2022-3501
LOW
OTRS 8.0.0 through 8.0.26 - Information Disclosure
CVSS 3.5
CVE-2022-39117
MEDIUM
Android - Missing Authorization in Messaging Service
CVSS 5.5
CVE-2022-39115
MEDIUM
Android - Missing Authorization Leading to Local Denial of Service in Music Service
CVSS 5.5
CVE-2022-39114
MEDIUM
Android - Denial of Service via Missing Permission Check in Music Service
CVSS 5.5
CVE-2022-39113
MEDIUM
Android - Missing Authorization Leading to Local Denial of Service in Music Service
CVSS 5.5
CVE-2022-39112
MEDIUM
Android - Missing Authorization in Music Service
CVSS 5.5
CVE-2022-39111
HIGH
Android - Missing Authorization in Music Service
CVSS 7.8
CVE-2022-39110
HIGH
Music Service - Privilege Escalation
CVSS 7.8
CVE-2022-39109
HIGH
Music Service - Privilege Escalation
CVSS 7.8
Details
Vulnerabilities
8,403
Exploit Likelihood
High