CWE-862

High likelihood

Missing Authorization

Parent: CWE-285 - Improper Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

8,408 vulnerabilities with CWE-862
CVE-2021-20873 HIGH
Yappli 7.3.6-9.29.9 - Unauthenticated Open Redirect via Custom URL Scheme Handler
CVSS 8.1
CVE-2021-24997 MEDIUM
WP Guppy WordPress <1.3 - Info Disclosure
CVSS 6.5
CVE-2021-24988 MEDIUM
WP RSS Aggregator < 4.19.3 - Authenticated Stored Cross-Site Scripting via wprss_dismiss_addon_notice AJAX Action
CVSS 5.4
CVE-2021-37572 HIGH
MediaTek MT7603E/MT7613/MT7615/MT7622/MT7628/MT7629/MT7915 Missing Authorization in IEEE 1905 Protocol Handling
CVSS 8.2
CVE-2021-43847 MEDIUM
HumHub <1.10.3-1.9.3 - Privilege Escalation
CVSS 6.5
CVE-2021-40853 HIGH
TCMAN GIM - Missing Authorization
CVSS 7.2
CVE-2021-0673 HIGH
Audio Aurisys HAL - Privilege Escalation
CVSS 7.8
CVE-2021-44857 MEDIUM
MediaWiki < 1.35.5, 1.36.x < 1.36.3, 1.37.x < 1.37.1 - Arbitrary Page Content Replacement via mcrrestore
CVSS 6.5
CVE-2021-27859 HIGH
FatPipe WARP, IPVPN, and MPVPN < 10.1.2r60p91 and < 10.2.2r42 - Authenticated Privilege Escalation via Account Creation
CVSS 8.8
CVE-2021-27858 MEDIUM
FatPipe WARP/IPVPN/MPVPN <10.1.2r60p91-10.2.2r42 - Info Disclosure
CVSS 5.3
CVE-2021-27857 HIGH
FatPipe WARP/IPVPN/MPVPN <10.1.2r60p91, 10.2.2r42 - Info Disclosure
CVSS 7.5
CVE-2021-27855 HIGH
FatPipe <10.1.2r60p91 and 10.2.2r42 - Privilege Escalation
CVSS 8.8
CVE-2021-39651 HIGH
Android - Local Privilege Escalation via Missing Authorization
CVSS 7.8
CVE-2021-39639 MEDIUM
Android - Local Privilege Escalation via Missing Permission Check in fvp.c
CVSS 6.8
CVE-2021-1034 LOW
Android 12 - Unauthenticated Local Information Disclosure via PhoneInterfaceManager
CVSS 3.3
CVE-2021-1025 MEDIUM
Android - Local Information Disclosure via WallpaperManagerService
CVSS 5.5
CVE-2021-1017 HIGH
Android 12 - Missing Authorization in Bluetooth AdapterService and GattService
CVSS 7.8
CVE-2021-1011 MEDIUM
Android 12 - Unauthenticated Local Information Disclosure via PackageManagerService setPackageStoppedState
CVSS 5.5
CVE-2021-1010 MEDIUM
Android 12 - Unauthenticated Local Information Disclosure via getSigningKeySet
CVSS 5.5
CVE-2021-1004 HIGH
Android - Missing Authorization in WifiServiceImpl
CVSS 7.8
CVE-2021-0999 HIGH
Android - Missing Authorization in Bluetooth A2DP Broadcast Definition
CVSS 7.8
CVE-2021-0994 LOW
Android - Unauthenticated Local Information Disclosure via ConnectivityService
CVSS 3.3
CVE-2021-0986 MEDIUM
Android 12 - Unauthenticated Local Information Disclosure in DevicePolicyManagerService
CVSS 5.5
CVE-2021-0985 HIGH
Android 12 - Missing Authorization in AlertReceiver
CVSS 7.8
CVE-2021-0982 LOW
Android 12 - Unauthenticated Local Information Disclosure via DevicePolicyManagerService
CVSS 3.3
Details
Vulnerabilities 8,408
Exploit Likelihood High