Vulnerabilities > Missing Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-18 | CVE-2021-0415 | Missing Authorization vulnerability in Google Android 10.0/11.0 In memory management driver, there is a possible information disclosure due to a missing permission check. | 5.5 |
| 2021-08-17 | CVE-2021-0641 | Missing Authorization vulnerability in Google Android In getAvailableSubscriptionInfoList of SubscriptionController.java, there is a possible disclosure of unique identifiers due to a missing permission check. | 5.5 |
| 2021-08-17 | CVE-2021-0642 | Missing Authorization vulnerability in Google Android In onResume of VoicemailSettingsFragment.java, there is a possible way to retrieve a trackable identifier without permissions due to a missing permission check. | 5.5 |
| 2021-08-16 | CVE-2021-38755 | Missing Authorization vulnerability in Hospital Management System Project Hospital Management System Unauthenticated doctor entry deletion in Hospital Management System in admin-panel1.php. | 5.3 |
| 2021-08-13 | CVE-2020-18753 | Missing Authorization vulnerability in Dcce Mac1100 PLC Firmware An issue in Dut Computer Control Engineering Co.'s PLC MAC1100 allows attackers to gain access to the system and escalate privileges via a crafted packet. | 9.8 |
| 2021-08-13 | CVE-2020-18757 | Missing Authorization vulnerability in Dcce Mac1100 PLC Firmware An issue in Dut Computer Control Engineering Co.'s PLC MAC1100 allows attackers to cause persistent denial of service (DOS) via a crafted packet. | 7.5 |
| 2021-08-05 | CVE-2021-35327 | Missing Authorization vulnerability in Totolink A720R Firmware 4.1.5Cu.470B20200911 A vulnerability in TOTOLINK A720R A720R_Firmware v4.1.5cu.470_B20200911 allows attackers to start the Telnet service, then login with the default credentials via a crafted POST request. | 9.8 |
| 2021-08-02 | CVE-2021-33197 | Missing Authorization vulnerability in Golang GO In Go before 1.15.13 and 1.16.x before 1.16.5, some configurations of ReverseProxy (from net/http/httputil) result in a situation where an attacker is able to drop arbitrary headers. | 5.3 |
| 2021-07-30 | CVE-2020-11511 | Missing Authorization vulnerability in Thimpress Learnpress The LearnPress plugin before 3.2.6.9 for WordPress allows remote attackers to escalate the privileges of any user to LP Instructor via the accept-to-be-teacher action parameter. | 8.1 |
| 2021-07-30 | CVE-2020-20698 | Missing Authorization vulnerability in S-Cms 3.0 A remote code execution (RCE) vulnerability in /1.com.php of S-CMS PHP v3.0 allows attackers to getshell via modification of a PHP file. | 7.2 |