Vulnerabilities > Missing Authorization
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-03-10 | CVE-2021-0388 | Missing Authorization vulnerability in Google Android 11.0 In onReceive of ImsPhoneCallTracker.java, there is a possible misattribution of data usage due to an incorrect broadcast handler. | 4.6 |
2021-03-10 | CVE-2021-0385 | Missing Authorization vulnerability in Google Android 11.0 In createConnectToAvailableNetworkNotification of ConnectToNetworkNotificationBuilder.java, there is a possible connection to untrusted WiFi networks due to notification interaction above the lockscreen. | 4.6 |
2021-03-10 | CVE-2021-0380 | Missing Authorization vulnerability in Google Android 11.0 In onReceive of DcTracker.java, there is a possible way to trigger a provisioning URL and modify other telephony settings due to a missing permission check. | 4.6 |
2021-03-10 | CVE-2021-0390 | Missing Authorization vulnerability in Google Android In various methods of WifiNetworkSuggestionsManager.java, there is a possible modification of suggested networks due to a missing permission check. | 4.6 |
2021-03-09 | CVE-2021-21487 | Missing Authorization vulnerability in SAP Payment Engine 500 SAP Payment Engine version 500, does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. | 6.5 |
2021-03-09 | CVE-2021-21486 | Missing Authorization vulnerability in SAP Enterprise Financial Services SAP Enterprise Financial Services versions, 101, 102, 103, 104, 105, 600, 603, 604, 605, 606, 616, 617, 618, 800, does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. | 6.5 |
2021-03-08 | CVE-2021-21326 | Missing Authorization vulnerability in Glpi-Project Glpi GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. | 4.0 |
2021-03-04 | CVE-2021-26988 | Missing Authorization vulnerability in Netapp Data Ontap Clustered Data ONTAP versions prior to 9.3P21, 9.5P16, 9.6P12, 9.7P8 and 9.8 are susceptible to a vulnerability which could allow unauthorized tenant users to discover information related to converting a 7-Mode directory to Cluster-mode such as Storage Virtual Machine (SVM) names, volume names, directory paths and Job IDs. | 2.7 |
2021-03-03 | CVE-2021-22877 | Missing Authorization vulnerability in multiple products A missing user check in Nextcloud prior to 20.0.6 inadvertently populates a user's own credentials for other users external storage configuration when not already configured yet. | 6.5 |
2021-03-03 | CVE-2021-21978 | Missing Authorization vulnerability in VMWare View Planner 4.6 VMware View Planner 4.x prior to 4.6 Security Patch 1 contains a remote code execution vulnerability. | 9.8 |