The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
8,408 vulnerabilities with CWE-862
CVE-2021-20873
HIGH
Yappli 7.3.6-9.29.9 - Unauthenticated Open Redirect via Custom URL Scheme Handler
CVSS 8.1
CVE-2021-24997
MEDIUM
WP Guppy WordPress <1.3 - Info Disclosure
CVSS 6.5
CVE-2021-24988
MEDIUM
WP RSS Aggregator < 4.19.3 - Authenticated Stored Cross-Site Scripting via wprss_dismiss_addon_notice AJAX Action
CVSS 5.4
CVE-2021-37572
HIGH
MediaTek MT7603E/MT7613/MT7615/MT7622/MT7628/MT7629/MT7915 Missing Authorization in IEEE 1905 Protocol Handling
CVSS 8.2
CVE-2021-43847
MEDIUM
HumHub <1.10.3-1.9.3 - Privilege Escalation
CVSS 6.5
CVE-2021-40853
HIGH
TCMAN GIM - Missing Authorization
CVSS 7.2
CVE-2021-0673
HIGH
Audio Aurisys HAL - Privilege Escalation
CVSS 7.8
CVE-2021-44857
MEDIUM
MediaWiki < 1.35.5, 1.36.x < 1.36.3, 1.37.x < 1.37.1 - Arbitrary Page Content Replacement via mcrrestore
CVSS 6.5
CVE-2021-27859
HIGH
FatPipe WARP, IPVPN, and MPVPN < 10.1.2r60p91 and < 10.2.2r42 - Authenticated Privilege Escalation via Account Creation
CVSS 8.8
CVE-2021-27858
MEDIUM
FatPipe WARP/IPVPN/MPVPN <10.1.2r60p91-10.2.2r42 - Info Disclosure
CVSS 5.3
CVE-2021-27857
HIGH
FatPipe WARP/IPVPN/MPVPN <10.1.2r60p91, 10.2.2r42 - Info Disclosure
CVSS 7.5
CVE-2021-27855
HIGH
FatPipe <10.1.2r60p91 and 10.2.2r42 - Privilege Escalation
CVSS 8.8
CVE-2021-39651
HIGH
Android - Local Privilege Escalation via Missing Authorization
CVSS 7.8
CVE-2021-39639
MEDIUM
Android - Local Privilege Escalation via Missing Permission Check in fvp.c
CVSS 6.8
CVE-2021-1034
LOW
Android 12 - Unauthenticated Local Information Disclosure via PhoneInterfaceManager
CVSS 3.3
CVE-2021-1025
MEDIUM
Android - Local Information Disclosure via WallpaperManagerService
CVSS 5.5
CVE-2021-1017
HIGH
Android 12 - Missing Authorization in Bluetooth AdapterService and GattService
CVSS 7.8
CVE-2021-1011
MEDIUM
Android 12 - Unauthenticated Local Information Disclosure via PackageManagerService setPackageStoppedState
CVSS 5.5
CVE-2021-1010
MEDIUM
Android 12 - Unauthenticated Local Information Disclosure via getSigningKeySet
CVSS 5.5
CVE-2021-1004
HIGH
Android - Missing Authorization in WifiServiceImpl
CVSS 7.8
CVE-2021-0999
HIGH
Android - Missing Authorization in Bluetooth A2DP Broadcast Definition
CVSS 7.8
CVE-2021-0994
LOW
Android - Unauthenticated Local Information Disclosure via ConnectivityService
CVSS 3.3
CVE-2021-0986
MEDIUM
Android 12 - Unauthenticated Local Information Disclosure in DevicePolicyManagerService
CVSS 5.5
CVE-2021-0985
HIGH
Android 12 - Missing Authorization in AlertReceiver
CVSS 7.8
CVE-2021-0982
LOW
Android 12 - Unauthenticated Local Information Disclosure via DevicePolicyManagerService
CVSS 3.3
Details
Vulnerabilities
8,408
Exploit Likelihood
High