Vulnerabilities > Missing Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-07-07 | CVE-2021-22233 | Missing Authorization vulnerability in Gitlab An information disclosure vulnerability in GitLab EE versions 13.10 and later allowed a user to read project details | 4.3 |
| 2021-07-07 | CVE-2021-20777 | Missing Authorization vulnerability in Gu-Global GU Improper authorization in handler for custom URL scheme vulnerability in GU App for Android versions from 4.8.0 to 5.0.2 allows a remote attacker to lead a user to access an arbitrary website via the vulnerable App. | 4.3 |
| 2021-06-30 | CVE-2021-21676 | Missing Authorization vulnerability in Jenkins Requests Jenkins requests-plugin Plugin 2.2.7 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to send test emails to an attacker-specified email address. | 4.3 |
| 2021-06-30 | CVE-2021-27903 | Missing Authorization vulnerability in Craftcms Craft CMS An issue was discovered in Craft CMS before 3.6.7. | 9.8 |
| 2021-06-24 | CVE-2021-29958 | Missing Authorization vulnerability in Mozilla Firefox When a download was initiated, the client did not check whether it was in normal or private browsing mode, which led to private mode cookies being shared in normal browsing mode. | 4.3 |
| 2021-06-22 | CVE-2020-22176 | Missing Authorization vulnerability in PHPgurukul Hospital Management System 4.0 PHPGurukul Hospital Management System in PHP v4.0 has a sensitive information disclosure vulnerability in multiple areas. | 7.5 |
| 2021-06-22 | CVE-2021-0539 | Missing Authorization vulnerability in Google Android 11.0 In archiveStoredConversation of MmsService.java, there is a possible way to archive message conversation without user consent due to a missing permission check. | 7.8 |
| 2021-06-22 | CVE-2021-0547 | Missing Authorization vulnerability in Google Android 11.0 In onReceive of NetInitiatedActivity.java, there is a possible way to supply an attacker-controlled value to a GPS HAL handler due to a missing permission check. | 7.8 |
| 2021-06-22 | CVE-2021-0554 | Missing Authorization vulnerability in Google Android 11.0 In isBackupServiceActive of BackupManagerService.java, there is a missing permission check. | 5.5 |
| 2021-06-22 | CVE-2021-0568 | Missing Authorization vulnerability in Google Android 11.0 In onReceive of DevicePolicyManagerService.java, there is a possible enabling of disabled profiles due to a missing permission check. | 7.8 |