Vulnerabilities > Missing Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-22 | CVE-2020-26650 | Missing Authorization vulnerability in Atomx Atomxcms 2.0 AtomXCMS 2.0 is affected by Arbitrary File Read via admin/dump.php | 5.0 |
| 2020-10-22 | CVE-2020-26649 | Missing Authorization vulnerability in Atomx Atomxcms 2 AtomXCMS 2.0 is affected by Incorrect Access Control via admin/dump.php | 5.5 |
| 2020-10-19 | CVE-2020-15245 | Missing Authorization vulnerability in Sylius In Sylius before versions 1.6.9, 1.7.9 and 1.8.3, the user may register in a shop by email [email protected], verify it, change it to the mail [email protected] and stay verified and enabled. | 4.0 |
| 2020-10-16 | CVE-2019-19885 | Missing Authorization vulnerability in Bender products In Bender COMTRAXX, user authorization is validated for most, but not all, routes in the system. | 6.4 |
| 2020-10-15 | CVE-2020-14185 | Missing Authorization vulnerability in Atlassian Jira Affected versions of Jira Server allow remote unauthenticated attackers to enumerate issue keys via a missing permissions check in the ActionsAndOperations resource. | 5.0 |
| 2020-10-15 | CVE-2020-4499 | Missing Authorization vulnerability in IBM Security Access Manager and Security Verify Access IBM Security Access Manager 9.0.7 and IBM Security Verify Access 10.0.0 could allow an unauthorized public Oauth client to bypass some or all of the authentication checks and gain access to applications. | 7.5 |
| 2020-10-14 | CVE-2020-25824 | Missing Authorization vulnerability in Telegram Desktop Telegram Desktop through 2.4.3 does not require passcode entry upon pushing the Export key within the Export Telegram Data wizard. | 2.1 |
| 2020-10-14 | CVE-2020-0419 | Missing Authorization vulnerability in Google Android In generateInfo of PackageInstallerSession.java, there is a possible leak of cross-profile URI data during app installation due to a missing permission check. | 2.1 |
| 2020-10-14 | CVE-2020-0378 | Missing Authorization vulnerability in Google Android 10.0/11.0/9.0 In onWnmFrameReceived of PasspointManager.java, there is a missing permission check. | 4.9 |
| 2020-10-14 | CVE-2020-0246 | Missing Authorization vulnerability in Google Android 10.0/11.0 In getCarrierPrivilegeStatus of UiccAccessRule.java, there is a missing permission check. | 4.9 |