Vulnerabilities > Missing Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-10 | CVE-2022-26102 | Missing Authorization vulnerability in SAP Netweaver Application Server Abap Due to missing authorization check, SAP NetWeaver Application Server for ABAP - versions 700, 701, 702, 731, allows an authenticated attacker, to access content on the start screen of any transaction that is available with in the same SAP system even if he/she isn't authorized for that transaction. | 5.4 |
| 2022-03-10 | CVE-2022-26104 | Missing Authorization vulnerability in SAP Financial Consolidation 10.1 SAP Financial Consolidation - version 10.1, does not perform necessary authorization checks for updating homepage messages, resulting for an unauthorized user to alter the maintenance system message. | 5.3 |
| 2022-03-10 | CVE-2022-20049 | Missing Authorization vulnerability in Google Android 10.0/11.0 In vpu, there is a possible escalation of privilege due to a missing permission check. | 6.7 |
| 2022-03-10 | CVE-2022-20053 | Missing Authorization vulnerability in Google Android In ims service, there is a possible escalation of privilege due to a missing permission check. | 7.8 |
| 2022-03-10 | CVE-2022-20054 | Missing Authorization vulnerability in Google Android In ims service, there is a possible AT command injection due to a missing permission check. | 7.8 |
| 2022-03-07 | CVE-2022-0163 | Missing Authorization vulnerability in Rednao Smart Forms The Smart Forms WordPress plugin before 2.6.71 does not have authorisation in its rednao_smart_forms_entries_list AJAX action, allowing any authenticated users, such as subscriber, to download arbitrary form's data, which could include sensitive information such as PII depending on the form. | 6.5 |
| 2022-03-04 | CVE-2021-3656 | Missing Authorization vulnerability in multiple products A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. | 8.8 |
| 2022-03-03 | CVE-2022-23709 | Missing Authorization vulnerability in Elastic Kibana A flaw was discovered in Kibana in which users with Read access to the Uptime feature could modify alerting rules. | 4.3 |
| 2022-03-03 | CVE-2022-0492 | Missing Authorization vulnerability in multiple products A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. | 7.8 |
| 2022-02-28 | CVE-2021-24977 | Missing Authorization vulnerability in USE ANY Font Project USE ANY Font The Use Any Font | Custom Font Uploader WordPress plugin before 6.2.1 does not have any authorisation checks when assigning a font, allowing unauthenticated users to sent arbitrary CSS which will then be processed by the frontend for all users. | 6.1 |