The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
8,417 vulnerabilities with CWE-862
CVE-2020-2267
MEDIUM
Jenkins MongoDB Plugin <1.3 - Info Disclosure
CVSS 4.3
CVE-2020-2260
MEDIUM
Jenkins Perfecto Plugin <1.17 - Privilege Escalation
CVSS 4.3
CVE-2020-2255
MEDIUM
Jenkins Blue Ocean Plugin <1.23.2 - SSRF
CVSS 4.3
CVE-2020-25283
CRITICAL
LG Android 8.0-10 - Missing Authorization in BT Manager
CVSS 9.8
CVE-2020-25282
CRITICAL
LG Android 10 - Missing Authorization in lguicc Property Access
CVSS 9.8
CVE-2020-0989
MEDIUM
Windows 10 and Windows Server 2016/2019 - Information Disclosure via MDM Diagnostics Junction Handling
CVSS 5.5
CVE-2020-2242
MEDIUM
Jenkins Database Plugin <1.6 - Privilege Escalation
CVSS 6.5
CVE-2020-13464
MEDIUM
China Key Systems & Integrated Circuit CKS32F103 - Info Disclosure
CVSS 4.2
CVE-2020-24928
MEDIUM
PreMiD < 2.1.3 - Unauthenticated Sensitive Information Exposure via SocketIO Server
CVSS 5.3
CVE-2020-3394
HIGH
Cisco Nexus 3000/9000 - Privilege Escalation
CVSS 7.8
CVE-2020-4175
MEDIUM
IBM Security Guardium Insights 2.0.1 - Missing Authorization
CVSS 5.9
CVE-2020-3443
HIGH
Cisco Smart Software Manager On-Prem - Privilege Escalation
CVSS 8.8
CVE-2020-24614
HIGH
Fossil <2.10.2, <2.11.2, <2.12.1 - Authenticated RCE
CVSS 8.8
CVE-2020-19890
MEDIUM
DBHcms 1.2.0 - Arbitrary File Read via mod.editor.php File Parameter
CVSS 4.9
CVE-2020-6301
HIGH
SAP ERP (HCM Travel Management) - Privilege Escalation
CVSS 8.1
CVE-2020-6298
HIGH
SAP Banking Services - Info Disclosure
CVSS 8.1
CVE-2020-6273
MEDIUM
SAP S/4 HANA Fiori UI for General Ledger Accounting 103, 104 - Missing Authorization Check in Attachment Service
CVSS 4.3
CVE-2020-2234
MEDIUM
Jenkins Pipeline Maven Integration Plugin <3.8.2 - Info Disclosure
CVSS 6.5
CVE-2020-0250
MEDIUM
Android 10 - Unauthenticated Local Information Disclosure via PhoneInterfaceManager
CVSS 5.5
CVE-2020-0239
MEDIUM
Android 9-10 - Unauthenticated Local Information Disclosure via DocumentsContract.getDocumentMetadata
CVSS 5.5
CVE-2020-15109
MEDIUM
Solidus <2.8.6, 2.9.6, 2.10.2 - Info Disclosure
CVSS 5.3
CVE-2020-15943
HIGH
Gantt-Chart < 5.5.4 - Authenticated Missing Authorization and Cross-Site Scripting
CVSS 8.1
CVE-2020-13523
LOW
SoftPerfect's RAM Disk <4.1 - Info Disclosure
CVSS 3.3
CVE-2020-5396
HIGH
VMware GemFire 9.7.0-9.7.5 and Tanzu GemFire for VMs 1.10.0-1.10.1 - Remote Code Execution via JMX MLet MBean
CVSS 8.8
CVE-2020-14520
HIGH
Ignition Gateway 8.0-8.0.12 - Information Disclosure via Missing Authorization
CVSS 7.5
Details
Vulnerabilities
8,417
Exploit Likelihood
High