Vulnerabilities > Missing Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-09 | CVE-2021-21486 | Missing Authorization vulnerability in SAP Enterprise Financial Services SAP Enterprise Financial Services versions, 101, 102, 103, 104, 105, 600, 603, 604, 605, 606, 616, 617, 618, 800, does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. | 8.8 |
| 2021-03-04 | CVE-2021-25344 | Missing Authorization vulnerability in Google Android 10.0/11.0 Missing permission check in knox_custom service prior to SMR Mar-2021 Release 1 allows attackers to gain access to device's serial number without permission. | 5.5 |
| 2021-03-04 | CVE-2021-26988 | Missing Authorization vulnerability in Netapp Data Ontap Clustered Data ONTAP versions prior to 9.3P21, 9.5P16, 9.6P12, 9.7P8 and 9.8 are susceptible to a vulnerability which could allow unauthorized tenant users to discover information related to converting a 7-Mode directory to Cluster-mode such as Storage Virtual Machine (SVM) names, volume names, directory paths and Job IDs. | 3.5 |
| 2021-03-03 | CVE-2021-22877 | Missing Authorization vulnerability in multiple products A missing user check in Nextcloud prior to 20.0.6 inadvertently populates a user's own credentials for other users external storage configuration when not already configured yet. | 6.5 |
| 2021-03-03 | CVE-2021-21978 | Missing Authorization vulnerability in VMWare View Planner 4.6 VMware View Planner 4.x prior to 4.6 Security Patch 1 contains a remote code execution vulnerability. | 9.8 |
| 2021-02-26 | CVE-2021-0403 | Missing Authorization vulnerability in Google Android 11.0 In netdiag, there is a possible information disclosure due to a missing permission check. | 4.4 |
| 2021-02-26 | CVE-2021-23975 | Missing Authorization vulnerability in Mozilla Firefox The developer page about:memory has a Measure function for exploring what object types the browser has allocated and their sizes. | 6.5 |
| 2021-02-10 | CVE-2021-0328 | Missing Authorization vulnerability in Google Android In onBatchScanReports and deliverBatchScan of GattService.java, there is a possible way to retrieve Bluetooth scan results without permissions due to a missing permission check. | 7.8 |
| 2021-02-05 | CVE-2020-10858 | Missing Authorization vulnerability in Zulip Desktop Zulip Desktop before 5.0.0 allows attackers to perform recording via the webcam and microphone due to a missing permission request handler. | 5.3 |
| 2021-01-29 | CVE-2020-29604 | Missing Authorization vulnerability in Mantisbt An issue was discovered in MantisBT before 2.24.4. | 6.5 |