Vulnerabilities > Missing Authorization

DATE CVE VULNERABILITY TITLE RISK
2021-02-11 CVE-2021-21307 Missing Authorization vulnerability in Lucee Server
Lucee Server is a dynamic, Java based (JSR-223), tag and scripting language used for rapid web application development.
network
low complexity
lucee CWE-862
7.5
2021-02-03 CVE-2021-25755 Missing Authorization vulnerability in Jetbrains Code With ME
In JetBrains Code With Me before 2020.3, an attacker on the local network, knowing a session ID, could get access to the encrypted traffic.
1.9
2021-01-29 CVE-2020-29604 Missing Authorization vulnerability in Mantisbt
An issue was discovered in MantisBT before 2.24.4.
network
low complexity
mantisbt CWE-862
4.0
2021-01-18 CVE-2020-7343 Missing Authorization vulnerability in Mcafee Agent
Missing Authorization vulnerability in McAfee Agent (MA) for Windows prior to 5.7.1 allows local users to block McAfee product updates by manipulating a directory used by MA for temporary files.
local
low complexity
mcafee CWE-862
2.1
2021-01-15 CVE-2021-21246 Missing Authorization vulnerability in Onedev Project Onedev
OneDev is an all-in-one devops platform.
network
low complexity
onedev-project CWE-862
5.0
2021-01-14 CVE-2020-27220 Missing Authorization vulnerability in Eclipse Hono
The Eclipse Hono AMQP and MQTT protocol adapters do not check whether an authenticated gateway device is authorized to receive command & control messages when it has subscribed only to commands for a specific device.
network
low complexity
eclipse CWE-862
critical
9.0
2021-01-12 CVE-2021-23123 Missing Authorization vulnerability in Joomla Joomla!
An issue was discovered in Joomla! 3.0.0 through 3.9.23.
network
low complexity
joomla CWE-862
5.0
2021-01-12 CVE-2021-21468 Missing Authorization vulnerability in SAP Business Warehouse
The BW Database Interface does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges that allows the user to practically read out any database table.
network
low complexity
sap CWE-862
4.0
2021-01-12 CVE-2021-21467 Missing Authorization vulnerability in SAP Banking Services 400/450/500
SAP Banking Services (Generic Market Data) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.
network
low complexity
sap CWE-862
4.0
2021-01-08 CVE-2020-16029 Missing Authorization vulnerability in Google Chrome
Inappropriate implementation in PDFium in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to bypass navigation restrictions via a crafted PDF file.
network
google CWE-862
6.8