Weaknesses of type CWE-862
6,730 resultsCVE-2020-14491—OpenClinic GA versions 5.09.02 and 5.89.05b do not properly check permissions before executing SQL queries, which may allow a low-privilege EPSS 0.8%CVE-2024-13994HIGHNagios XI < 2024R1.1.2 Allow Insecure Logins Missing AuthorizationEPSS 0.8%CVE-2022-0905MEDIUMMissing Authorization in go-gitea/giteaEPSS 0.8%CVE-2024-1982MEDIUMWPvivid Backup and Migration <= 0.9.68 - Missing AuthorizationEPSS 0.8%CVE-2023-0805MEDIUMAn issue has been discovered in GitLab EE affecting all versions starting from 15.2 before 15.9.6, all versions starting from 15.10 before 1EPSS 0.8%CVE-2019-25217CRITICALSiteGround Optimizer <= 5.0.12 - Missing AuthorizationEPSS 0.8%CVE-2024-2216HIGHA missing permission check in an HTTP endpoint in Jenkins docker-build-step Plugin 2.11 and earlier allows attackers with Overall/Read permiEPSS 0.8%CVE-2021-40853HIGHTCMAN GIM missing authorization vulnerabilityEPSS 0.8%CVE-2020-36716HIGHWP Activity Log <= 4.0.1 - Missing AuthorizationEPSS 0.8%CVE-2021-41803HIGHHashiCorp Consul 1.8.1 up to 1.11.8, 1.12.4, and 1.13.1 do not properly validate the node or segment names prior to interpolation and usage EPSS 0.8%CVE-2025-64401HIGHApache OpenOffice: Remote documents loaded without prompt via IFrameEPSS 0.8%CVE-2022-39811CRITICALItaltel NetMatch-S CI 5.2.0-20211008 has incorrect Access Control under NMSCI-WebGui/advancedsettings.jsp and NMSCIWebGui/SaveFileUploader. EPSS 0.8%CVE-2022-22535—SAP ERP HCM Portugal - versions 600, 604, 608, does not perform necessary authorization checks for a report that reads the payroll data of eEPSS 0.8%CVE-2023-24435MEDIUMA missing permission check in Jenkins GitHub Pull Request Builder Plugin 1.42.2 and earlier allows attackers with Overall/Read permission toEPSS 0.8%CVE-2025-12975HIGHCTX Feed – WooCommerce Product Feed Manager <= 6.6.11 - Missing Authorization to Authenticated (Shop Manager+) Arbitrary Plugin InstallationEPSS 0.8%CVE-2022-41930HIGHorg.xwiki.platform:xwiki-platform-user-profile-ui missing authorization to enable or disable usersEPSS 0.8%CVE-2019-25139MEDIUMComing Soon Page & Maintenance Mode <= 1.8.1 - Unauthenticated Settings ResetEPSS 0.8%CVE-2023-6394HIGHQuarkus: graphql operations over websockets bypassEPSS 0.8%CVE-2024-5637HIGHMarket Exporter <= 2.0.19 - Missing Authorization to Arbitrary File DeletionEPSS 0.8%CVE-2024-3213MEDIUMRelevanssi – A Better Search <= 4.22.1 - Missing Authorization to Unauthenticated Count Option UpdateEPSS 0.8%