Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-862 (授权机制缺失) — Vulnerability Class 5527

5527 vulnerabilities classified as CWE-862 (授权机制缺失). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2022-2543 Visual Portfolio < 2.18.0 - Unauthenticated CSS Injection — Visual Portfolio, Photo Gallery & Post Grid 6.1 -2022-09-05
CVE-2022-2376 Directorist < 7.3.1 - Unauthenticated Email Address Disclosure — Directorist – WordPress Business Directory Plugin with Classified Ads Listings 5.3 -2022-09-05
CVE-2022-2373 Simply Schedule Appointments < 1.5.7.7 - Unauthenticated Email Address Disclosure — Simply Schedule Appointments – WordPress Booking Plugin 5.3 -2022-08-29
CVE-2022-32769 WWBN AVideo 安全漏洞 — AVideo 5.0 -2022-08-22
CVE-2022-32768 WWBN AVideo 安全漏洞 — AVideo 4.2 -2022-08-22
CVE-2022-2389 Automations By Autonami < 2.1.2 - Subscriber+ Automation Creation — Abandoned Cart Recovery for WooCommerce, Follow Up Emails, Newsletter Builder & Marketing Automation By Autonami 4.3 -2022-08-22
CVE-2022-2382 Product Slider for WooCommerce < 2.5.7 - Subscriber+ Arbitrary Options Deletion — Product Slider for WooCommerce 4.3 -2022-08-22
CVE-2022-2377 Directorist < 7.3.0 - Subscriber+ Arbitrary E-mail Sending — Directorist – WordPress Business Directory Plugin with Classified Ads Listings 4.3 -2022-08-22
CVE-2022-2276 WP Edit Menu < 1.5.0 - Unauthenticated Arbitrary Post Deletion — WP Edit Menu 4.3 -2022-08-22
CVE-2022-25810 Transposh WordPress Translation <= 1.0.8 - Subscriber+ Unauthorised Calls — Transposh WordPress Translation 8.1 -2022-08-22
CVE-2022-2841 CrowdStrike Falcon Uninstallation authorization — Falcon 2.7 Low2022-08-22
CVE-2022-36024 Bots using py-cord as discord api wrapper are vulnerable to shutdowns through remote code execution — pycord 7.5 High2022-08-18
CVE-2022-2846 Calendar Event Multi View < 1.4.07 - Unauthenticated Arbitrary Event Creation to Stored XSS — Calendar Event Multi View 4.3 -2022-08-16
CVE-2022-2379 Easy Student Results <= 2.2.8 - Sensitive Information Disclosure via REST API — Easy Student Results 7.5 -2022-08-15
CVE-2022-35293 SAP Enable Now Manager 安全漏洞 — SAP Enable Now Manager 9.1 -2022-08-09
CVE-2022-2732 Missing Authorization in openemr/openemr — openemr/openemr 8.3 High2022-08-09
CVE-2022-36836 SAMSUNG Mobile devices 安全漏洞 — Charm by Samsung 6.2 Medium2022-08-05
CVE-2022-31128 Fine grained permissions are not checked in Tuleap — tuleap 5.4 Medium2022-08-01
CVE-2022-2369 YaySMTP < 2.2.1 - Subscriber+ Logs Disclosure — YaySMTP – Simple WP SMTP Mail 4.3 -2022-08-01
CVE-2021-32504 SICK FTMg 安全漏洞 — SICK FTMg 8.2 -2022-07-19
CVE-2022-2108 Wbcom Designs – BuddyPress Group Reviews <= 2.8.3 - Unauthorized AJAX Actions due to Nonce Bypass — Wbcom Designs – BuddyPress Group Reviews 6.5 Medium2022-07-18
CVE-2022-31597 SAP S/4HANA 安全漏洞 — SAP S/4HANA 5.4 -2022-07-12
CVE-2022-31592 SAP Enterprise Extension Defense Forces & Public Security 安全漏洞 — SAP Enterprise Extension Defense Forces & Public Security (EA-DFPS) 4.3 -2022-07-12
CVE-2022-1245 Red Hat Keycloak 安全漏洞 — keycloak 9.8 -2022-07-07
CVE-2022-1903 ARMember < 3.4.8 - Unauthenticated Admin Account Takeover — ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup 8.1 -2022-06-27
CVE-2022-23055 ERPNext - Improper user access conrol — frappe 8.1 -2022-06-22
CVE-2022-31595 SAP Financial Consolidation 安全漏洞 — SAP Financial Consolidation 8.8 -2022-06-14
CVE-2022-1777 Filr - Secure Document Library < 1.2.2.1 - Subscriber+ AJAX Calls — Filr – Secure document library 8.3 -2022-06-13
CVE-2022-0745 Like Button Rating < 2.6.45 - Arbitrary e-mail Sending — Like Button Rating ♥ LikeBtn 6.5 -2022-06-13
CVE-2022-30731 Samsung My Files 安全漏洞 — My Files 5.1 Medium2022-06-07

Vulnerabilities classified as CWE-862 (授权机制缺失) represent 5527 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.