Vulnerabilities > Missing Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-22 | CVE-2021-20733 | Missing Authorization vulnerability in Asken Improper authorization in handler for custom URL scheme vulnerability in ????????? (asken diet) for Android versions from v.3.0.0 to v.4.2.x allows a remote attacker to lead a user to access an arbitrary website via the vulnerable App. | 6.1 |
| 2021-06-21 | CVE-2021-0505 | Missing Authorization vulnerability in Google Android 11.0 In the Settings app, there is a possible way to disable an always-on VPN due to a missing permission check. | 7.8 |
| 2021-06-21 | CVE-2021-0513 | Missing Authorization vulnerability in Google Android In deleteNotificationChannel and related functions of NotificationManagerService.java, there is a possible permission bypass due to improper state validation. | 7.8 |
| 2021-06-21 | CVE-2021-0521 | Missing Authorization vulnerability in Google Android In getAllPackages of PackageManagerService, there is a possible information disclosure due to a missing permission check. | 5.5 |
| 2021-06-16 | CVE-2020-20444 | Missing Authorization vulnerability in Openclinic Project Openclinic 0.8.20160412 Jact OpenClinic 0.8.20160412 allows the attacker to read server files after login to the the admin account by an infected 'file' GET parameter in '/shared/view_source.php' which "could" lead to RCE vulnerability . | 7.2 |
| 2021-06-11 | CVE-2021-21382 | Missing Authorization vulnerability in Wire Restund 0.4.12/0.4.13/0.4.14 Restund is an open source NAT traversal server. | 9.6 |
| 2021-06-11 | CVE-2021-0491 | Missing Authorization vulnerability in Google Android In memory management driver, there is a possible escalation of privilege due to a missing permission check. | 7.8 |
| 2021-06-11 | CVE-2021-22896 | Missing Authorization vulnerability in Nextcloud Nextcloud Mail before 1.9.5 suffers from improper access control due to a missing permission check allowing other authenticated users to create mail aliases for other users. | 4.3 |
| 2021-06-11 | CVE-2021-23204 | Missing Authorization vulnerability in Gallagher Command Centre 8.30/8.30.1236/8.30.1299 Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Gallagher Command Centre Server allows OSDP key material to be exposed to Command Centre Operators. | 6.5 |
| 2021-06-11 | CVE-2021-25409 | Missing Authorization vulnerability in Google Android 10.0 Improper access in Notification setting prior to SMR JUN-2021 Release 1 allows physically proximate attackers to set arbitrary notification via physically configuring device. | 2.4 |