Vulnerabilities > Missing Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-06 | CVE-2023-30195 | Missing Authorization vulnerability in Lineagrafica Lgdetailedorder 1.1.20 In the module "Detailed Order" (lgdetailedorder) in version up to 1.1.20 from Linea Grafica for PrestaShop, a guest can download personal informations without restriction formatted in json. | 7.5 |
| 2023-07-05 | CVE-2023-35940 | Missing Authorization vulnerability in Glpi-Project Glpi GLPI is a free asset and IT management software package. | 7.5 |
| 2023-07-05 | CVE-2023-36624 | Missing Authorization vulnerability in Loxone Miniserver GO GEN 2 Firmware Loxone Miniserver Go Gen.2 through 14.0.3.28 allows an authenticated operating system user to escalate privileges via the Sudo configuration. | 7.8 |
| 2023-07-05 | CVE-2023-3482 | Missing Authorization vulnerability in Mozilla Firefox When Firefox is configured to block storage of all cookies, it was still possible to store data in localstorage by using an iframe with a source of 'about:blank'. | 6.5 |
| 2023-07-04 | CVE-2023-20772 | Missing Authorization vulnerability in Google Android 12.0/13.0 In vow, there is a possible escalation of privilege due to a missing permission check. | 6.7 |
| 2023-07-04 | CVE-2023-20773 | Missing Authorization vulnerability in Google Android 12.0/13.0 In vow, there is a possible escalation of privilege due to a missing permission check. | 7.8 |
| 2023-07-01 | CVE-2021-4388 | Missing Authorization vulnerability in Wpopal Opal Estate 1.6.11 The Opal Estate plugin for WordPress is vulnerable to featured property modifications in versions up to, and including, 1.6.11. | 5.3 |
| 2023-07-01 | CVE-2023-30586 | Missing Authorization vulnerability in Nodejs Node.Js A privilege escalation vulnerability exists in Node.js 20 that allowed loading arbitrary OpenSSL engines when the experimental permission model is enabled, which can bypass and/or disable the permission model. | 7.5 |
| 2023-06-30 | CVE-2023-36144 | Missing Authorization vulnerability in Intelbras SG 2404 MR Firmware 1.00.54 An authentication bypass in Intelbras Switch SG 2404 MR in firmware 1.00.54 allows an unauthenticated attacker to download the backup file of the device, exposing critical information about the device configuration. | 7.5 |
| 2023-06-28 | CVE-2023-21149 | Missing Authorization vulnerability in Google Android In registerGsmaServiceIntentReceiver of ShannonRcsService.java, there is a possible way to activate/deactivate RCS service due to a missing permission check. | 7.8 |