Vulnerabilities > Missing Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-28 | CVE-2023-21173 | Missing Authorization vulnerability in Google Android 13.0 In multiple methods of DataUsageList.java, there is a possible way to learn about admin user's network activities due to a missing permission check. | 5.5 |
| 2023-06-28 | CVE-2023-21177 | Missing Authorization vulnerability in Google Android 13.0 In requestAppKeyboardShortcuts of WindowManagerService.java, there is a possible way to infer the app a user is interacting with due to a missing permission check. | 5.5 |
| 2023-06-28 | CVE-2023-21185 | Missing Authorization vulnerability in Google Android 13.0 In multiple functions of WifiNetworkFactory.java, there is a missing permission check. | 7.8 |
| 2023-06-27 | CVE-2023-35998 | Missing Authorization vulnerability in Proofpoint Insider Threat Management Server A missing authorization check in multiple SOAP endpoints of the Insider Threat Management Server enables an attacker on an adjacent network to read and write unauthorized objects. | 4.6 |
| 2023-06-27 | CVE-2023-36000 | Missing Authorization vulnerability in Proofpoint Insider Threat Management Server A missing authorization check in the MacOS agent configuration endpoint of the Insider Threat Management Server enables an anonymous attacker on an adjacent network to obtain sensitive information. | 6.5 |
| 2023-06-27 | CVE-2023-36002 | Missing Authorization vulnerability in Proofpoint Insider Threat Management Server A missing authorization check in multiple URL validation endpoints of the Insider Threat Management Server enables an anonymous attacker on an adjacent network to smuggle content via DNS lookups. | 4.3 |
| 2023-06-27 | CVE-2023-22834 | Missing Authorization vulnerability in Palantir Contour The Contour Service was not checking that users had permission to create an analysis for a given dataset. | 4.3 |
| 2023-06-23 | CVE-2023-36348 | Missing Authorization vulnerability in Codekop 2.0 POS Codekop v2.0 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the filename parameter. | 8.8 |
| 2023-06-19 | CVE-2023-3315 | Missing Authorization vulnerability in Jenkins Team Concert Missing permission checks in Jenkins Team Concert Plugin 2.4.1 and earlier allow attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system. | 4.3 |
| 2023-06-19 | CVE-2022-48491 | Missing Authorization vulnerability in Huawei Emui Vulnerability of missing authentication on certain HUAWEI phones.Successful exploitation of this vulnerability can lead to ads and other windows to display at any time. | 5.3 |