The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
8,421 vulnerabilities with CWE-862
CVE-2019-1003085
MEDIUM
Jenkins Zephyr Enterprise Test Management Plugin < 1.6 - Missing Authorization in Test Connection Validation
CVSS 6.5
CVE-2019-1003083
MEDIUM
Jenkins Gearman Plugin - Privilege Escalation
CVSS 6.5
CVE-2019-1003081
MEDIUM
Jenkins OpenShift Deployer Plugin - SSRF
CVSS 6.5
CVE-2019-1003079
MEDIUM
Jenkins VMware Lab Manager Slaves Plugin - Privilege Escalation
CVSS 6.5
CVE-2019-1003077
MEDIUM
Jenkins Audit to Database Plugin - Info Disclosure
CVSS 6.5
CVE-2019-1003059
MEDIUM
Jenkins FTP Publisher < - Privilege Escalation
CVSS 6.5
CVE-2019-10648
CRITICAL
Robocode < 1.9.3.5 - Unauthenticated External Service Interaction via URL.openStream
CVSS 9.8
CVE-2019-1003047
MEDIUM
Jenkins Fortify on Demand Uploader < 3.0.10 - Missing Authorization for Server Connection
CVSS 6.5
CVE-2019-1003043
HIGH
Jenkins Slack Notification Plugin <2.19 - Open Redirect
CVSS 7.5
CVE-2019-6538
CRITICAL
Medtronic MyCareLink Monitor 24950 and 24952 - Unauthenticated Improper Access Control via Conexus Telemetry Protocol
CVSS 9.3
CVE-2019-3879
HIGH
ovirt < 4.3.2.1 - Unauthenticated Disk Deletion via RemoveDiskCommand
CVSS 8.1
CVE-2019-3835
MEDIUM
Ghostscript < 9.27 - Privileged API Misuse via Superexec Operator
CVSS 5.5
CVE-2019-9924
HIGH
Bash < 4.4 - Missing Authorization via BASH_CMDS Manipulation
CVSS 7.8
CVE-2019-9742
HIGH
G Data Total Security <2019-02-22 - Privilege Escalation
CVSS 7.5
CVE-2019-0270
HIGH
SAP ABAP Server and ABAP Platform - Missing Authorization
CVSS 8.8
CVE-2019-9713
HIGH
Joomla! < 3.9.4 - Missing Authorization in Sample Data Plugins
CVSS 7.5
CVE-2019-1003037
MEDIUM
Jenkins Azure VM Agents Plugin <0.8.0 - Info Disclosure
CVSS 6.5
CVE-2019-1003036
MEDIUM
Jenkins Azure VM Agents Plugin <0.8.0 - Code Injection
CVSS 4.3
CVE-2019-1003035
MEDIUM
Jenkins Azure VM Agents Plugin <0.8.0 - Info Disclosure
CVSS 4.3
CVE-2019-9574
HIGH
WP Human Resource Management <2.2.6 - Info Disclosure
CVSS 7.5
CVE-2019-9482
MEDIUM
MISP 2.4.102 - Authenticated Missing Authorization for Sighting Visibility
CVSS 5.3
CVE-2019-9002
CRITICAL
Tiny Issue 1.3.1 and pixeline Bugs < 1.3.2c - Unauthenticated Remote Code Execution via Database Host Parameter
CVSS 9.8
CVE-2019-1003025
HIGH
Jenkins Cloud Foundry Plugin <2.3.1 - Info Disclosure
CVSS 8.8
CVE-2019-5779
MEDIUM
Google Chrome < 72.0.3626.81 - Missing Authorization in ServiceWorker
CVSS 4.3
CVE-2019-5774
HIGH
Google Chrome < 72.0.3626.81 - Unauthenticated Remote Code Execution via .desktop File Download
CVSS 8.8
Details
Vulnerabilities
8,421
Exploit Likelihood
High