Vulnerabilities > Missing Authorization
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-10-11 | CVE-2022-20434 | Missing Authorization vulnerability in Google Android There is an missing authorization issue in the system service. | 7.8 |
2022-10-11 | CVE-2022-31765 | Missing Authorization vulnerability in Siemens products Affected devices do not properly authorize the change password function of the web interface. | 8.8 |
2022-10-10 | CVE-2022-2350 | Missing Authorization vulnerability in Brainvire Disable User Login 1.0.1 The Disable User Login WordPress plugin through 1.0.1 does not have authorisation and CSRF checks when updating its settings, allowing unauthenticated attackers to block (or unblock) users at will. | 5.3 |
2022-10-07 | CVE-2022-39289 | Missing Authorization vulnerability in Zoneminder ZoneMinder is a free, open source Closed-circuit television software application. | 7.5 |
2022-10-07 | CVE-2022-39861 | Missing Authorization vulnerability in Samsung Factorycamera 2.1.96 Unprotected Receiver in AtBroadcastReceiver in FactoryCamera prior to version 3.5.51 allows attackers to record video without camera privilege. | 3.3 |
2022-10-06 | CVE-2022-39222 | Missing Authorization vulnerability in Linuxfoundation DEX Dex is an identity service that uses OpenID Connect to drive authentication for other apps. | 6.5 |
2022-10-03 | CVE-2022-3124 | Missing Authorization vulnerability in Najeebmedia Frontend File Manager The Frontend File Manager Plugin WordPress plugin before 21.3 allows any unauthenticated user to rename uploaded files from users. | 5.3 |
2022-09-30 | CVE-2022-40316 | Missing Authorization vulnerability in multiple products The H5P activity attempts report did not filter by groups, which in separate groups mode could reveal information to non-editing teachers about attempts/users in groups they should not have access to. | 4.3 |
2022-09-29 | CVE-2022-36068 | Missing Authorization vulnerability in Discourse Discourse is an open source discussion platform. | 4.3 |
2022-09-29 | CVE-2020-15337 | Missing Authorization vulnerability in Zyxel Cloudcnm Secumanager 3.1.0/3.1.1 Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a "Use of GET Request Method With Sensitive Query Strings" issue for /registerCpe requests. | 5.3 |