The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
8,403 vulnerabilities with CWE-862
CVE-2022-34201
MEDIUM
Jenkins Convertigo Mobile Platform Plugin <1.1 - Info Disclosure
CVSS 6.5
CVE-2022-23055
ERPNext 11.0.0-beta-13.0.2 - Missing Authorization in Chat Rooms
CVE-2022-31095
MEDIUM
Discourse-chat <0.4 - Info Disclosure
CVSS 4.3
CVE-2022-33913
HIGH
Mahara <21.04.6-22.04.2 - Info Disclosure
CVSS 7.5
CVE-2022-20736
MEDIUM
Cisco AppDynamics Controller Software - Info Disclosure
CVSS 5.3
CVE-2022-20206
MEDIUM
Android - Missing Authorization in NotificationManagerService
CVSS 5.5
CVE-2022-20204
HIGH
Android 12L - Missing Authorization in DevicePolicyManagerService
CVSS 7.8
CVE-2022-20200
MEDIUM
Android - Local Information Disclosure via SoftApManager Missing Permission Check
CVSS 5.5
CVE-2022-20182
MEDIUM
Android - Local Information Disclosure via Ramdump Creation
CVSS 4.4
CVE-2022-20172
MEDIUM
Android - Local Information Disclosure via Missing Permission Check in ShannonRcsService
CVSS 5.5
CVE-2022-20138
HIGH
Android - Missing Authorization in DevicePolicyManagerService
CVSS 7.8
CVE-2022-20137
HIGH
Android 12-12L - Missing Authorization in NetworkProviderSettings
CVSS 7.3
CVE-2022-20133
HIGH
Android - Missing Authorization in AdapterService.setDiscoverableTimeout
CVSS 7.8
CVE-2022-20126
HIGH
Android - Missing Authorization in AdapterService Bluetooth Discovery Mode
CVSS 7.3
CVE-2022-31595
HIGH
SAP Financial Consolidation 1010 - Privilege Escalation
CVSS 8.8
CVE-2022-32560
HIGH
Couchbase Server 4.0.0-7.0.3 - Missing Authorization in XDCR Settings
CVSS 7.5
CVE-2022-31752
MEDIUM
Huawei EMUI and Magic UI - Missing Authorization
CVSS 5.5
CVE-2022-1777
HIGH
Filr WordPress Plugin < 1.2.2.1 - Authenticated Arbitrary File Upload and Deletion via AJAX Actions
CVSS 8.8
CVE-2022-0885
CRITICAL
Member Hero WordPress Plugin < 1.0.9 - Unauthenticated Arbitrary PHP Function Execution via AJAX Action
CVSS 9.8
CVE-2022-0745
MEDIUM
Like Button Rating WP <2.6.45 - Info Disclosure
CVSS 6.5
CVE-2022-24896
MEDIUM
Tuleap < 13.7.99.239 - Missing Authorization in Tracker Report Renderer and Chart Widgets
CVSS 4.3
CVE-2022-1570
MEDIUM
Files Download Delay < 1.0.7 - Authenticated Missing Authorization for Settings Reset
CVSS 6.5
CVE-2022-30746
HIGH
Smart Things <1.7.85.12 - Info Disclosure
CVSS 7.5
CVE-2022-30731
MEDIUM
My Files <13.1.00.193 - Info Disclosure
CVSS 5.1
CVE-2022-21749
MEDIUM
Android - Local Information Disclosure via Missing Permission Check in Telephony
CVSS 5.5
Details
Vulnerabilities
8,403
Exploit Likelihood
High