Weaknesses of type CWE-862
6,730 resultsCVE-2024-43222CRITICALWordPress Sweet Date theme <= 3.7.3 - Privilege Escalation vulnerabilityEPSS 0.7%CVE-2023-33948MEDIUMThe Dynamic Data Mapping module in Liferay Portal 7.4.3.67, and Liferay DXP 7.4 update 67 does not limit Document and Media files which can EPSS 0.7%CVE-2022-45410MEDIUMWhen a ServiceWorker intercepted a request with <code>FetchEvent</code>, the origin of the request was lost after the ServiceWorker took ownEPSS 0.7%CVE-2021-32472—Teachers exporting a forum in CSV format could receive a CSV of forums from all courses in some circumstances. Moodle versions 3.10 to 3.10.EPSS 0.7%CVE-2024-6760HIGHktrace(2) fails to detach when executing a setuid binaryEPSS 0.7%CVE-2024-11816HIGHThe Ultimate WordPress Toolkit – WP Extended <= 3.0.11 - Missing Authorization to Authenticated (Subscriber+) Remote Code ExecutionEPSS 0.7%CVE-2023-3125MEDIUMB2BKing <= 4.6.00 - Missing Authorization to Authenticated(Subscriber+) Price ModificationEPSS 0.7%CVE-2024-2086CRITICALIntegrate Google Drive <= 1.3.8 - Missing Authorization to Unauthenticated Settings Modification and ExportEPSS 0.7%CVE-2025-24259CRITICALThis issue was addressed with additional entitlement checks. This issue is fixed in iPadOS 17.7.7, macOS Sequoia 15.4, macOS Sonoma 14.7.5, EPSS 0.7%CVE-2022-26103—Under certain conditions, SAP NetWeaver (Real Time Messaging Framework) - version 7.50, allows an attacker to access information which couldEPSS 0.7%CVE-2020-36712HIGHKali Forms <= 2.1.1 - Unauthenticated Arbitrary Post DeletionEPSS 0.7%CVE-2025-8310MEDIUMMissing authorization in the admin console of Ivanti Virtual Application Delivery Controller before version 22.9 allows a remote authenticatEPSS 0.7%CVE-2021-40501—SAP ABAP Platform Kernel - versions 7.77, 7.81, 7.85, 7.86, does not perform necessary authorization checks for an authenticated business usEPSS 0.7%CVE-2026-26083CRITICALA missing authorization vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.1, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox Cloud 5.0EPSS 0.7%CVE-2022-29611—SAP NetWeaver Application Server for ABAP and ABAP Platform do not perform necessary authorization checks for an authenticated user, resultiEPSS 0.7%CVE-2024-12172HIGHWP Courses LMS – Online Courses Builder, eLearning Courses, Courses Solution, Education Courses <= 3.2.21 - Missing Authorization to Authenticated (Subscriber+) Arbitrary User Meta UpdateEPSS 0.7%CVE-2022-41937CRITICALMissing Authorization in XWiki PlatformEPSS 0.7%CVE-2024-8001MEDIUMVIWIS LMS Print authorizationEPSS 0.7%CVE-2023-25455MEDIUMWordPress WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) plugin <= 7.6.0 - Arbitrary Content Deletion vulnerabilityEPSS 0.7%CVE-2023-22737MEDIUMwire-server vulnerable to unauthorized removal of Bots from ConversationsEPSS 0.7%