The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
8,403 vulnerabilities with CWE-862
CVE-2022-39861
MEDIUM
Samsung FactoryCamera < 3.5.51 - Unauthenticated Video Recording via Unprotected Broadcast Receiver
CVSS 5.9
CVE-2022-39222
CRITICAL
Dex < 2.35.0 - Unauthenticated OAuth Authorization Code Theft via Malicious OIDC Flow
CVSS 9.3
CVE-2022-3124
MEDIUM
Frontend File Manager Plugin < 21.3 - Unauthenticated Arbitrary File Write via File Rename
CVSS 5.3
CVE-2022-40316
MEDIUM
moodle 3.9.0-3.9.16 - Missing Authorization in H5P Activity Attempts Report
CVSS 4.3
CVE-2022-36068
HIGH
Discourse <2.8.9-2.9.0.beta10 - Privilege Escalation
CVSS 7.2
CVE-2022-2987
HIGH
Ldap WP Login / Active Directory Integration < 3.0.2 - Unauthenticated Settings Update and Authentication Bypass
CVSS 7.5
CVE-2022-2405
MEDIUM
WP Popup Builder < 1.2.9 - Authenticated Arbitrary Popup Deletion via Missing Authorization
CVSS 4.3
CVE-2022-36340
MEDIUM
MailOptin <1.2.49.0 - Info Disclosure
CVSS 6.5
CVE-2022-35249
MEDIUM
Rocket.Chat < 5.0 - Unauthenticated Information Disclosure via getUserMentionsByChannel Method
CVSS 4.3
CVE-2022-35247
MEDIUM
Rocket.Chat < 4.7.5 - Unauthenticated Information Disclosure via getRoomRoles Meteor Method
CVSS 4.3
CVE-2022-32220
MEDIUM
Rocket.Chat < 5.0 - Unauthenticated Information Disclosure via getUserMentionsByChannel Method
CVSS 6.5
CVE-2022-38512
MEDIUM
Liferay Portal/DXP <7.4.3.37 - Info Disclosure
CVSS 6.5
CVE-2022-39975
MEDIUM
Liferay DXP 7.3-7.4 and Liferay Portal 7.3.3-7.4.3.34 - Unauthenticated Information Disclosure via Content Page Preview
CVSS 4.3
CVE-2022-41254
MEDIUM
Jenkins CONS3RT Plugin <1.0.0 - Privilege Escalation
CVSS 6.5
CVE-2022-41252
MEDIUM
Jenkins CONS3RT Plugin <1.0.0 - Info Disclosure
CVSS 4.3
CVE-2022-41251
MEDIUM
Jenkins Apprenda Plugin <2.2.0 - Info Disclosure
CVSS 4.3
CVE-2022-41250
MEDIUM
Jenkins SCM HttpClient Plugin <1.5 - Privilege Escalation
CVSS 6.5
CVE-2022-41246
MEDIUM
Jenkins Worksoft Execution Manager Plugin <10.0.3.503 - SSRF
CVSS 6.5
CVE-2022-41242
MEDIUM
Jenkins extreme-feedback Plugin <1.7 - Info Disclosure
CVSS 5.4
CVE-2022-41238
CRITICAL
Jenkins DotCi Plugin <2.40.00 - Info Disclosure
CVSS 9.8
CVE-2022-41234
HIGH
Jenkins Rundeck Plugin <3.6.11 - CSRF
CVSS 8.8
CVE-2022-41233
MEDIUM
Jenkins Rundeck Plugin <3.6.11 - Info Disclosure
CVSS 4.3
CVE-2022-41230
MEDIUM
Jenkins Build-Publisher Plugin <1.22 - Info Disclosure
CVSS 4.3
CVE-2022-41228
HIGH
Jenkins NS-ND Integration Performance Publisher Plugin <4.8.0.129 -...
CVSS 8.8
CVE-2022-39960
MEDIUM
Netic Group Export < 1.0.3 - Unauthenticated Group Export via groupexport_download Parameter
CVSS 5.3
Details
Vulnerabilities
8,403
Exploit Likelihood
High