Vulnerabilities > Missing Authorization
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-08-05 | CVE-2021-35327 | Missing Authorization vulnerability in Totolink A720R Firmware 4.1.5Cu.470B20200911 A vulnerability in TOTOLINK A720R A720R_Firmware v4.1.5cu.470_B20200911 allows attackers to start the Telnet service, then login with the default credentials via a crafted POST request. | 7.5 |
2021-08-02 | CVE-2021-33197 | Missing Authorization vulnerability in Golang GO In Go before 1.15.13 and 1.16.x before 1.16.5, some configurations of ReverseProxy (from net/http/httputil) result in a situation where an attacker is able to drop arbitrary headers. | 4.3 |
2021-07-30 | CVE-2020-11511 | Missing Authorization vulnerability in Thimpress Learnpress The LearnPress plugin before 3.2.6.9 for WordPress allows remote attackers to escalate the privileges of any user to LP Instructor via the accept-to-be-teacher action parameter. | 8.1 |
2021-07-30 | CVE-2020-20698 | Missing Authorization vulnerability in S-Cms 3.0 A remote code execution (RCE) vulnerability in /1.com.php of S-CMS PHP v3.0 allows attackers to getshell via modification of a PHP file. | 6.5 |
2021-07-27 | CVE-2021-32748 | Missing Authorization vulnerability in Nextcloud Richdocuments Nextcloud Richdocuments in an open source self hosted online office. | 4.0 |
2021-07-26 | CVE-2021-29770 | Missing Authorization vulnerability in IBM I2 Analyze 4.3.0/4.3.1/4.3.2 IBM i2 Analyst's Notebook Premium (IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2) could allow an authenticated user to perform unauthorized actions due to hazardous input validation. | 4.0 |
2021-07-15 | CVE-2020-12734 | Missing Authorization vulnerability in Depstech Wifi Digital Microscope 3 Firmware DEPSTECH WiFi Digital Microscope 3 allows remote attackers to change the SSID and password, and demand a ransom payment from the rightful device owner, because there is no way to reset to Factory Default settings. | 4.8 |
2021-07-14 | CVE-2021-0518 | Missing Authorization vulnerability in Google Android 13.0 In Wi-Fi, there is a possible leak of location-sensitive data due to a missing permission check. | 5.5 |
2021-07-14 | CVE-2021-0597 | Missing Authorization vulnerability in Google Android In notifyProfileAdded and notifyProfileRemoved of SipService.java, there is a possible way to retrieve SIP account names due to a missing permission check. | 4.9 |
2021-07-14 | CVE-2021-0654 | Missing Authorization vulnerability in Google Android In isRealSnapshot of TaskThumbnailView.java, there is possible data exposure due to a missing permission check. | 4.3 |