CWE-862: Missing Authorization

A local privilege escalation vulnerability allows low-privileged users to interact with a service that should be restricted. This affects systems runn...

A Missing Authorization vulnerability in Juniper Networks Junos OS Evolved allows local low-privileged users to gain root privileges by sending packet...

This vulnerability allows a malicious app in a non-owner profile on Android devices to activate Wi-Fi hotspot functionality without proper permissions...

CVE-2017-13316 is a local privilege escalation vulnerability in Android's RecognitionService that allows attackers to bypass permission checks. This c...

This vulnerability allows unauthorized clients to connect to the com.uaudio.bsd.helper service and execute privileged operations without proper valida...

This vulnerability allows local attackers to bypass VPN network restrictions on Android devices. A missing permission check in the NetworkManagementSe...

This vulnerability in Android's AccessibilitySettings allows an attacker to hide an enabled accessibility service from the settings menu through a log...

This vulnerability in Android's MediaProvider allows one app to access files belonging to other apps without proper permission checks. It enables loca...

This vulnerability allows local attackers to access the microphone without proper permission checks, enabling potential audio surveillance. It affects...

This vulnerability allows local attackers to bypass Factory Reset Protection (FRP) on Android devices without user interaction. It enables local privi...

This CVE describes a missing authorization vulnerability in QNAP operating systems that allows local authenticated users to access data or perform act...

This vulnerability allows local attackers to bypass the DISALLOW_ADD_WIFI_CONFIG restriction in Android's Settings app, enabling them to add unauthori...

This CVE describes a local privilege escalation vulnerability in Ant Media Server versions 2.6.0 through 2.8.2. Any unprivileged operating system user...

This vulnerability allows authenticated attackers with low privileges to escalate to SYSTEM-level access and execute arbitrary code on affected Rapid7...

This vulnerability allows local attackers to inject arbitrary input events without proper permission checks in Android's AccessibilityManagerService. ...

This vulnerability allows local privilege escalation on affected Android devices without requiring user interaction. Attackers can exploit a missing p...

This vulnerability allows an attacker to bypass the lock screen on Android devices without needing any special permissions or user interaction. It aff...

This vulnerability in telecom services allows local attackers to escalate privileges without needing additional execution permissions, due to a missin...

CVE-2023-42738 is a missing permission check vulnerability in the telocom service that allows local attackers to escalate privileges without requiring...

This vulnerability in telecom services allows local attackers to write permission usage records of applications without proper authorization checks. I...

This CVE describes a missing permission check vulnerability in telecom services that allows local attackers to escalate privileges without requiring a...

This CVE describes a missing permission check vulnerability in telecom services that could allow local attackers to escalate privileges without needin...

This CVE describes a missing permission check vulnerability in camera service that allows local privilege escalation. Attackers can exploit this to ga...

This CVE describes a missing permission check in the WiFi service that allows local privilege escalation without requiring additional execution privil...

CVE-2023-42694 is a missing permission check vulnerability in the WiFi service that allows local attackers to escalate privileges without requiring ad...

This vulnerability in telecom services allows local attackers to escalate privileges without needing additional execution permissions. It affects syst...

This vulnerability in Android's Telecomm component allows secondary users to silence incoming calls without proper permission checks, enabling local p...

This vulnerability allows local attackers to bypass permission checks in Android Settings, potentially gaining elevated privileges without user intera...

This vulnerability in Android's Package Installer allows attackers to detect whether specific apps are installed without requiring query permissions, ...

This vulnerability in Android's Permission Manager allows attackers to bypass required permissions without user interaction, potentially gaining eleva...

CVE-2023-21313 is a local privilege escalation vulnerability in Android Core that allows malicious apps to forward calls without user knowledge due to...

This vulnerability in IXP Data Easy Install v6.6.14884.0 allows attackers to escalate privileges due to insufficient directory permissions. Attackers ...

CVE-2023-40634 is a missing permission check vulnerability in phasechecksercer that allows local privilege escalation without requiring additional exe...

This vulnerability allows unauthorized import of contacts from other users on Android devices due to a missing permission check in Telephony services....

CVE-2023-38449 is a missing permission check vulnerability in vowifiservice that allows local attackers to escalate privileges without requiring addit...

CVE-2023-38451 is a missing permission check vulnerability in vowifiservice that allows local attackers to escalate privileges without requiring addit...

CVE-2023-38453 is a missing permission check vulnerability in vowifiservice that allows local attackers to escalate privileges without requiring addit...

CVE-2023-38455 is a missing permission check vulnerability in vowifiservice that allows local attackers to escalate privileges without requiring addit...

CVE-2023-38458 is a missing permission check vulnerability in vowifiservice that allows local attackers to escalate privileges without requiring addit...

CVE-2023-38460 is a missing permission check vulnerability in vowifiservice that allows local attackers to escalate privileges without requiring addit...

CVE-2023-38464 is a missing permission check vulnerability in vowifiservice that allows local attackers to escalate privileges without requiring addit...

CVE-2023-38443 is a missing permission check vulnerability in vowifiservice that allows local privilege escalation. Attackers can exploit this to gain...

CVE-2023-24674 is a privilege escalation vulnerability in Bludit CMS v4.0.0 that allows local attackers to gain administrative privileges by manipulat...

This vulnerability allows local attackers to bypass device policy restrictions for Bluetooth scanning without proper permission checks. It enables loc...

This vulnerability in telephony services allows local attackers to escalate privileges without requiring additional execution permissions. It affects ...

CVE-2023-30916 is a missing permission check vulnerability in DMService that allows local attackers to escalate privileges without requiring additiona...

CVE-2023-20773 is a privilege escalation vulnerability in MediaTek's vow component where a missing permission check allows local attackers to gain ele...

This vulnerability allows a guest user on Android devices to escalate privileges without requiring any permissions or user interaction. It affects And...

This vulnerability allows local attackers to activate or deactivate RCS (Rich Communication Services) on Android devices without proper permissions. I...

This vulnerability allows local attackers to bypass Android's DISALLOW_DEBUGGING_FEATURES restriction, enabling unauthorized debugging and tracing cap...