The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
8,403 vulnerabilities with CWE-862
CVE-2022-39108
HIGH
Music Service - Privilege Escalation
CVSS 7.8
CVE-2022-39107
HIGH
Soundrecorder - Privilege Escalation
CVSS 7.8
CVE-2022-39103
MEDIUM
Android Gallery Service - Unauthenticated Denial of Service via Missing Permission Check
CVSS 5.5
CVE-2022-39080
HIGH
Messaging Service - Privilege Escalation
CVSS 7.8
CVE-2022-38698
HIGH
Messaging Service - Privilege Escalation
CVSS 7.8
CVE-2022-38697
MEDIUM
Messaging Service - Info Disclosure
CVSS 5.5
CVE-2022-38689
MEDIUM
Telephony Service - Info Disclosure
CVSS 5.5
CVE-2022-38688
MEDIUM
Telephony Service - Info Disclosure
CVSS 5.5
CVE-2022-38687
MEDIUM
Android - Denial of Service via Missing Authorization in Messaging Service
CVSS 5.5
CVE-2022-38679
MEDIUM
Android - Missing Authorization Leading to Local Denial of Service in Music Service
CVSS 5.5
CVE-2022-38677
MEDIUM
Android - Unauthenticated Denial of Service in Cell Service
CVSS 5.5
CVE-2022-38670
HIGH
Soundrecorder Service - Privilege Escalation
CVSS 7.8
CVE-2022-38669
HIGH
Soundrecorder Service - Privilege Escalation
CVSS 7.8
CVE-2022-2985
HIGH
Android - Missing Authorization in Music Service Leading to Privilege Escalation
CVSS 7.8
CVE-2022-42488
HIGH
OpenHarmony 3.1-3.1.2 - Missing Authorization in Startup Subsystem Param Service
CVSS 8.4
CVE-2022-28866
HIGH
Nokia AirFrame BMC Web GUI < R18 - Info Disclosure
CVSS 8.8
CVE-2022-20434
HIGH
Android - Missing Authorization Leading to Local Privilege Escalation in System Service
CVSS 7.8
CVE-2022-20433
HIGH
Android - Missing Authorization Leading to Local Privilege Escalation
CVSS 7.8
CVE-2022-20432
HIGH
Android - Missing Authorization Leading to Local Privilege Escalation
CVSS 7.8
CVE-2022-20431
HIGH
Android - Missing Authorization Leading to Local Privilege Escalation
CVSS 7.8
CVE-2022-20430
HIGH
Android - Missing Authorization Leading to Local Privilege Escalation in System Service
CVSS 7.8
CVE-2022-20394
MEDIUM
Android - Local Information Disclosure via InputMethodManagerService
CVSS 5.0
CVE-2022-31765
HIGH
Siemens 6GK6108-4AM00-2BA2 and 6GK58xx Firmware < 7.1.2 - Missing Authorization for Password Change
CVSS 8.8
CVE-2022-2350
MEDIUM
Disable User Login < 1.0.1 - Unauthenticated Missing Authorization
CVSS 5.3
CVE-2022-39289
CRITICAL
ZoneMinder < 1.36.27 - Missing Authorization for Database Log Manipulation
CVSS 9.1
Details
Vulnerabilities
8,403
Exploit Likelihood
High