The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
8,417 vulnerabilities with CWE-862
CVE-2020-15102
MEDIUM
PrestaShop Dashboard Productions <2.1.0 - Privilege Escalation
CVSS 6.5
CVE-2020-14491
MEDIUM
OpenClinic GA 5.09.02 and 5.89.05b - Missing Authorization in SQL Query Execution
CVSS 6.5
CVE-2020-0227
HIGH
Android 8.0-10 - Unauthenticated Permissions Bypass in CompanionDeviceManagerService
CVSS 7.8
CVE-2020-0107
MEDIUM
Android 10 - Unauthenticated Local Information Disclosure via getUiccCardsInfo Input Validation Bypass
CVSS 5.5
CVE-2020-14001
CRITICAL
kramdown < 2.3.0 - Unauthenticated Arbitrary File Read and Remote Code Execution via Template Option
CVSS 9.8
CVE-2020-15780
MEDIUM
Linux Kernel < 5.7.7 - Missing Authorization via ACPI Table Injection
CVSS 6.7
CVE-2020-15001
MEDIUM
Yubico YubiKey 5 NFC <5.3.1 - Info Disclosure
CVSS 5.3
CVE-2020-5368
CRITICAL
Dell EMC VxRail 4.7.410-4.7.411 - Unauthenticated Sensitive Information Exposure
CVSS 9.8
CVE-2020-15518
HIGH
Veeam Availability Suite & Backup & Replication < 10.0 - Privilege Escalation via VeeamFSR.sys
CVSS 8.8
CVE-2020-15080
MEDIUM
PrestaShop <1.7.6.6 - Info Disclosure
CVSS 5.3
CVE-2020-2216
MEDIUM
Jenkins Zephyr for JIRA Test Mgmt <1.5 - Privilege Escalation
CVSS 4.3
CVE-2020-2204
MEDIUM
Jenkins Fortify on Demand Plugin <5.0.1 - Privilege Escalation
CVSS 5.4
CVE-2020-2202
MEDIUM
Jenkins Fortify on Demand Plugin <6.0.0 - Info Disclosure
CVSS 4.3
CVE-2020-15412
MEDIUM
MISP 2.4.128 - Missing Authorization in EventsController
CVSS 4.3
CVE-2020-15360
HIGH
Docker Desktop <2.3.0.3 - Privilege Escalation
CVSS 7.8
CVE-2020-4413
MEDIUM
IBM Security Secret Server < 10.8 - Sensitive Information Exposure via Missing HSTS Enforcement
CVSS 5.9
CVE-2020-5345
MEDIUM
Dell EMC Unisphere for PowerMax < 9.1.0.17 - Authenticated Authorization Bypass
CVSS 6.4
CVE-2020-14971
HIGH
Pi-hole < 5.0 - Code Injection via Teleporter Backup File Restoration
CVSS 7.8
CVE-2020-14944
CRITICAL
Global RADAR BSA Radar <1.6.7234.24750 - Privilege Escalation
CVSS 9.8
CVE-2020-14969
HIGH
MISP 2.4.127 - Missing Authorization in Attribute RestSearch API
CVSS 7.5
CVE-2020-13276
HIGH
GitLab CE/EE <13.0.1 - Info Disclosure
CVSS 7.4
CVE-2020-3245
MEDIUM
Cisco Smart Software Manager On-Prem - Auth Bypass
CVSS 5.3
CVE-2020-14213
MEDIUM
Zammad < 3.3.1 - Missing Authorization for Customer Ticket Access
CVSS 5.4
CVE-2020-0202
HIGH
Android - Local Privilege Escalation via TraceService Intent Handling
CVSS 7.8
CVE-2020-0178
MEDIUM
Android 10 - Unauthenticated Local Information Disclosure via SettingsProvider Config Flags
CVSS 5.5
Details
Vulnerabilities
8,417
Exploit Likelihood
High