Vulnerabilities > Missing Authorization
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-06-15 | CVE-2022-20133 | Missing Authorization vulnerability in Google Android In setDiscoverableTimeout of AdapterService.java, there is a possible bypass of user interaction due to a missing permission check. | 7.8 |
2022-06-15 | CVE-2022-20137 | Missing Authorization vulnerability in Google Android 12.0/12.1 In onCreateContextMenu of NetworkProviderSettings.java, there is a possible way for non-owner users to change WiFi settings due to a missing permission check. | 7.3 |
2022-06-14 | CVE-2022-31595 | Missing Authorization vulnerability in SAP Adaptive Server Enterprise SAP Financial Consolidation - version 1010,?does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. | 8.8 |
2022-06-13 | CVE-2022-32560 | Missing Authorization vulnerability in Couchbase Server An issue was discovered in Couchbase Server before 7.0.4. | 7.5 |
2022-06-13 | CVE-2022-31752 | Missing Authorization vulnerability in Huawei Emui and Magic UI Missing authorization vulnerability in the system components. | 2.1 |
2022-06-13 | CVE-2021-25116 | Missing Authorization vulnerability in Enqueue Anything Project Enqueue Anything 1.0.1 The Enqueue Anything WordPress plugin through 1.0.1 does not have authorisation and CSRF checks in the remove_asset AJAX action, and does not ensure that the item to be deleted is actually an asset. | 6.5 |
2022-06-13 | CVE-2022-0745 | Missing Authorization vulnerability in Likebtn Like Button Rating The Like Button Rating WordPress plugin before 2.6.45 allows any logged-in user, such as subscriber, to send arbitrary e-mails to any recipient, with any subject and body | 4.0 |
2022-06-13 | CVE-2022-0885 | Missing Authorization vulnerability in Memberhero Member Hero 1.0.9 The Member Hero WordPress plugin through 1.0.9 lacks authorization checks, and does not validate the a request parameter in an AJAX action, allowing unauthenticated users to call arbitrary PHP functions with no arguments. | 9.8 |
2022-06-13 | CVE-2022-1777 | Missing Authorization vulnerability in Filr Project Filr The Filr WordPress plugin before 1.2.2.1 does not have authorisation check in two of its AJAX actions, allowing them to be called by any authenticated users, such as subscriber. | 6.5 |
2022-06-09 | CVE-2022-24896 | Missing Authorization vulnerability in Enalean Tuleap Tuleap is a Free & Open Source Suite to manage software developments and collaboration. | 4.0 |