Vulnerabilities > Missing Authorization
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-12-17 | CVE-2021-40853 | Missing Authorization vulnerability in Tcman GIM 11.0/8.0 TCMAN GIM does not perform an authorization check when trying to access determined resources. | 7.2 |
2021-12-17 | CVE-2021-44857 | Missing Authorization vulnerability in Mediawiki An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1. | 6.5 |
2021-12-15 | CVE-2021-27857 | Missing Authorization vulnerability in Fatpipeinc Ipvpn Firmware and Mpvpn Firmware A missing authorization vulnerability in the web management interface of FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p91 and 10.2.2r42 allows a remote, unauthenticated attacker to download a configuration archive. | 4.3 |
2021-12-15 | CVE-2021-27858 | Missing Authorization vulnerability in Fatpipeinc Ipvpn Firmware and Mpvpn Firmware A missing authorization vulnerability in the web management interface of FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p91 and 10.2.2r42 allows a remote attacker to access at least the URL "/fpui/jsp/index.jsp" leading to unknown impact, presumably some violation of confidentiality. | 5.0 |
2021-12-15 | CVE-2021-27859 | Missing Authorization vulnerability in Fatpipeinc Ipvpn Firmware and Mpvpn Firmware A missing authorization vulnerability in the web management interface of FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p91 and 10.2.2r42 allows an authenticated, remote attacker with read-only privileges to create an account with administrative privileges. | 6.5 |
2021-12-15 | CVE-2021-0653 | Missing Authorization vulnerability in Google Android 10.0/11.0/9.0 In enqueueNotification of NetworkPolicyManagerService.java, there is a possible way to retrieve a trackable identifier due to a missing permission check. | 4.9 |
2021-12-15 | CVE-2021-0922 | Missing Authorization vulnerability in Google Android 11.0 In enforceCrossUserOrProfilePermission of PackageManagerService.java, there is a possible bypass of INTERACT_ACROSS_PROFILES permission due to a missing permission check. | 4.6 |
2021-12-15 | CVE-2021-0923 | Missing Authorization vulnerability in Google Android 12.0 In createOrUpdate of Permission.java, there is a possible way to gain internal permissions due to a missing permission check. | 7.2 |
2021-12-15 | CVE-2021-0926 | Missing Authorization vulnerability in Google Android In onCreate of NfcImportVCardActivity.java, there is a possible way to add a contact without user's consent due to a missing permission check. | 7.2 |
2021-12-15 | CVE-2021-0965 | Missing Authorization vulnerability in Google Android In AndroidManifest.xml of Settings, there is a possible pairing of a Bluetooth device without user's consent due to a missing permission check. | 5.8 |