Vulnerabilities > Missing Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-15 | CVE-2022-20133 | Missing Authorization vulnerability in Google Android In setDiscoverableTimeout of AdapterService.java, there is a possible bypass of user interaction due to a missing permission check. | 7.8 |
| 2022-06-15 | CVE-2022-20137 | Missing Authorization vulnerability in Google Android 12.0/12.1 In onCreateContextMenu of NetworkProviderSettings.java, there is a possible way for non-owner users to change WiFi settings due to a missing permission check. | 7.3 |
| 2022-06-13 | CVE-2022-32560 | Missing Authorization vulnerability in Couchbase Server An issue was discovered in Couchbase Server before 7.0.4. | 7.5 |
| 2022-06-13 | CVE-2022-31752 | Missing Authorization vulnerability in Huawei Emui and Magic UI Missing authorization vulnerability in the system components. | 5.5 |
| 2022-06-13 | CVE-2021-25116 | Missing Authorization vulnerability in Enqueue Anything Project Enqueue Anything 1.0.1 The Enqueue Anything WordPress plugin through 1.0.1 does not have authorisation and CSRF checks in the remove_asset AJAX action, and does not ensure that the item to be deleted is actually an asset. | 6.5 |
| 2022-06-13 | CVE-2022-0885 | Missing Authorization vulnerability in Memberhero Member Hero 1.0.9 The Member Hero WordPress plugin through 1.0.9 lacks authorization checks, and does not validate the a request parameter in an AJAX action, allowing unauthenticated users to call arbitrary PHP functions with no arguments. | 9.8 |
| 2022-06-08 | CVE-2022-1570 | Missing Authorization vulnerability in Files Download Delay Project Files Download Delay The Files Download Delay WordPress plugin before 1.0.7 does not have authorisation and CSRF checks when reseting its settings, which could allow any authenticated users, such as subscriber to perform such action. | 6.5 |
| 2022-06-07 | CVE-2022-30746 | Missing Authorization vulnerability in Samsung Smartthings 1.7.73.22 Missing caller check in Smart Things prior to version 1.7.85.12 allows attacker to access senstive information remotely using javascript interface API. | 7.5 |
| 2022-06-06 | CVE-2022-21748 | Missing Authorization vulnerability in Google Android 11.0/12.0 In telephony, there is a possible information disclosure due to a missing permission check. | 5.5 |
| 2022-06-06 | CVE-2022-21749 | Missing Authorization vulnerability in Google Android 11.0/12.0 In telephony, there is a possible information disclosure due to a missing permission check. | 5.5 |