The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
8,407 vulnerabilities with CWE-862
CVE-2022-20049
MEDIUM
Android - Missing Authorization in vpu
CVSS 6.7
CVE-2022-0905
HIGH
Gitea < 1.16.4 - Missing Authorization
CVSS 7.1
CVE-2022-0756
MEDIUM
GitHub salesagility/suitecrm <7.12.5 - Info Disclosure
CVSS 6.5
CVE-2022-0755
MEDIUM
GitHub salesagility/suitecrm <7.12.5 - Info Disclosure
CVSS 4.3
CVE-2022-0163
MEDIUM
Smart Forms WordPress <2.6.71 - Info Disclosure
CVSS 6.5
CVE-2022-23709
MEDIUM
Kibana 7.7.0-7.17.0 - Authenticated Alert Rule Modification via Uptime Feature
CVSS 4.3
CVE-2022-0492
HIGH
KEV
Docker cgroups Container Escape
CVSS 7.8
CVE-2022-0345
MEDIUM
Customize WordPress Emails and Alerts <1.8.7 - CSRF
CVSS 4.3
CVE-2022-24594
MEDIUM
waline 1.6.1 - Missing Authorization via X-Forwarded-For Header
CVSS 5.3
CVE-2022-0726
MEDIUM
GitHub chocobozzz/peertube <4.1.0 - Info Disclosure
CVSS 5.4
CVE-2022-0164
MEDIUM
Coming soon and Maintenance mode < 3.5.3 - Authenticated Arbitrary Email Sending via coming_soon_send_mail AJAX Action
CVSS 4.3
CVE-2022-23642
HIGH
Sourcegraph gitserver sshCommand RCE
CVSS 8.8
CVE-2022-0543
CRITICAL
KEV
Redis Lua Sandbox Escape
CVSS 10.0
CVE-2022-0611
MEDIUM
Packagist snipe/snipe-it <5.3.11 - Info Disclosure
CVSS 6.3
CVE-2022-25211
HIGH
Jenkins SWAMP Plugin < 1.2.6 - Missing Authorization for Web Server Connection
CVSS 8.8
CVE-2022-25208
HIGH
Jenkins Chef Sinatra Plugin < 1.20 - Server-Side Request Forgery via XML Response Parsing
CVSS 8.8
CVE-2022-25206
HIGH
Jenkins dbCharts < 0.5.2 - Missing Authorization for JDBC Database Connection
CVSS 8.8
CVE-2022-25201
MEDIUM
Jenkins Checkmarx Plugin < 2022.1.2 - Missing Authorization
CVSS 6.5
CVE-2022-25199
HIGH
Jenkins SCP publisher < 1.8 - Missing Authorization for SSH Server Connection
CVSS 8.8
CVE-2022-25195
MEDIUM
Jenkins autonomiq < 1.15 - Missing Authorization for URL Connection
CVSS 4.3
CVE-2022-25193
MEDIUM
Jenkins Snow Commander Plugin < 1.10 - Missing Authorization for Credential Capture
CVSS 6.5
CVE-2022-25190
MEDIUM
Jenkins Conjur Secrets Plugin < 1.0.11 - Missing Authorization for Credential ID Enumeration
CVSS 4.3
CVE-2022-0588
HIGH
Packagist librenms/librenms <22.2.0 - Info Disclosure
CVSS 7.1
CVE-2022-0579
MEDIUM
Packagist snipe/snipe-it <5.3.9 - Info Disclosure
CVSS 6.5
CVE-2022-22854
HIGH
Hospital Patient Record Management System 1.0 - Missing Authorization in User List Management
CVSS 8.8
Details
Vulnerabilities
8,407
Exploit Likelihood
High