Vulnerabilities > Missing Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-08-11 | CVE-2020-10779 | Missing Authorization vulnerability in Redhat Cloudforms 4.7/5.0.0 Red Hat CloudForms 4.7 and 5 leads to insecure direct object references (IDOR) and functional level access control bypass due to missing privilege check. | 4.0 |
| 2020-08-04 | CVE-2020-15109 | Missing Authorization vulnerability in Nebulab Solidus In solidus before versions 2.8.6, 2.9.6, and 2.10.2, there is an bility to change order address without triggering address validations. | 5.0 |
| 2020-08-04 | CVE-2020-15943 | Missing Authorization vulnerability in Gantt-Chart Project Gantt-Chart An issue was discovered in the Gantt-Chart module before 5.5.4 for Jira. | 5.5 |
| 2020-08-04 | CVE-2020-13523 | Missing Authorization vulnerability in Softperfect RAM Disk 4.1 An exploitable information disclosure vulnerability exists in SoftPerfect’s RAM Disk 4.1 spvve.sys driver. | 2.1 |
| 2020-07-31 | CVE-2020-5396 | Missing Authorization vulnerability in VMWare Gemfire and Tanzu Gemfire FOR Virtual Machines VMware GemFire versions prior to 9.10.0, 9.9.2, 9.8.7, and 9.7.6, and VMware Tanzu GemFire for VMs versions prior to 1.11.1 and 1.10.2, when deployed without a SecurityManager, contain a JMX service available which contains an insecure default configuration. | 6.5 |
| 2020-07-31 | CVE-2020-14520 | Missing Authorization vulnerability in Inductiveautomation Ignition Gateway The affected product is vulnerable to an information leak, which may allow an attacker to obtain sensitive information on the Ignition 8 (all versions prior to 8.0.13). | 5.0 |
| 2020-07-28 | CVE-2020-15408 | Missing Authorization vulnerability in Pulsesecure Pulse Connect Secure 7.1/7.4 An issue was discovered in Pulse Secure Pulse Connect Secure before 9.1R8. | 5.8 |
| 2020-07-21 | CVE-2020-15102 | Missing Authorization vulnerability in Prestashop Dashboard products In PrestaShop Dashboard Productions before version 2.1.0, there is improper authorization which enables an attacker to change the configuration. | 4.0 |
| 2020-07-20 | CVE-2020-14491 | Missing Authorization vulnerability in Openclinic GA Project Openclinic GA 5.09.02/5.89.05B OpenClinic GA versions 5.09.02 and 5.89.05b do not properly check permissions before executing SQL queries, which may allow a low-privilege user to access privileged information. | 4.0 |
| 2020-07-17 | CVE-2020-0227 | Missing Authorization vulnerability in Google Android In onCommand of CompanionDeviceManagerService.java, there is a possible permissions bypass due to a missing permission check. | 7.2 |