Vulnerabilities > Missing Authorization
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-12-06 | CVE-2022-42777 | Missing Authorization vulnerability in Google Android 10.0/11.0/12.0 In power management service, there is a missing permission check. | 7.8 |
2022-12-06 | CVE-2022-42778 | Missing Authorization vulnerability in Google Android 11.0 In windows manager service, there is a missing permission check. | 7.8 |
2022-12-06 | CVE-2022-42782 | Missing Authorization vulnerability in Google Android 10.0/11.0/12.0 In wlan driver, there is a possible missing permission check, This could lead to local information disclosure. | 5.5 |
2022-12-06 | CVE-2022-44009 | Missing Authorization vulnerability in Stackstorm 3.7.0 Improper access control in Key-Value RBAC in StackStorm version 3.7.0 didn't check the permissions in Jinja filters, allowing attackers to access K/V pairs of other users, potentially leading to the exposure of sensitive Information. | 7.5 |
2022-12-05 | CVE-2022-41807 | Missing Authorization vulnerability in Kyocera products Missing authorization vulnerability exists in Kyocera Document Solutions MFPs and printers, which may allow a network-adjacent attacker to alter the product settings without authentication by sending a specially crafted request. | 6.5 |
2022-11-29 | CVE-2022-32966 | Missing Authorization vulnerability in Realtek Rtl8111Fp-Cg Firmware 3.0.0.2019090/5.0.10/5.0.23 RTL8168FP-CG Dash remote management function has missing authorization. | 6.5 |
2022-11-28 | CVE-2022-24190 | Missing Authorization vulnerability in Sz-Fujia Ourphoto 1.4.1 The /device/acceptBind end-point for Ourphoto App version 1.4.1 does not require authentication or authorization. | 7.5 |
2022-11-28 | CVE-2022-4169 | Missing Authorization vulnerability in Theme and Plugin Translation for Polylang Project Theme and Plugin Translation for Polylang The Theme and plugin translation for Polylang is vulnerable to authorization bypass in versions up to, and including, 3.2.16 due to missing capability checks in the process_polylang_theme_translation_wp_loaded() function. | 5.3 |
2022-11-23 | CVE-2022-41929 | Missing Authorization vulnerability in Xwiki org.xwiki.platform:xwiki-platform-oldcore is missing authorization in User#setDisabledStatus, which may allow an incorrectly authorized user with only Script rights to enable or disable a user. | 4.9 |
2022-11-23 | CVE-2022-41930 | Missing Authorization vulnerability in Xwiki org.xwiki.platform:xwiki-platform-user-profile-ui is missing authorization to enable or disable users. | 8.2 |