Vulnerabilities > Missing Authorization
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-03-27 | CVE-2020-10955 | Missing Authorization vulnerability in multiple products GitLab EE/CE 11.1 through 12.9 is vulnerable to parameter tampering on an upload feature that allows an unauthorized user to read content available under specific folders. | 4.0 |
2020-03-24 | CVE-2020-10684 | Missing Authorization vulnerability in multiple products A flaw was found in Ansible Engine, all versions 2.7.x, 2.8.x and 2.9.x prior to 2.7.17, 2.8.9 and 2.9.6 respectively, when using ansible_facts as a subkey of itself and promoting it to a variable when inject is enabled, overwriting the ansible_facts after the clean. | 7.1 |
2020-03-20 | CVE-2020-8139 | Missing Authorization vulnerability in multiple products A missing access control check in Nextcloud Server < 18.0.1, < 17.0.4, and < 16.0.9 causes hide-download shares to be downloadable when appending /download to the URL. | 6.5 |
2020-03-20 | CVE-2019-12498 | Missing Authorization vulnerability in 3CX Live Chat The WP Live Chat Support plugin before 8.0.33 for WordPress accepts certain REST API calls without invoking the wplc_api_permission_check protection mechanism. | 7.5 |
2020-03-18 | CVE-2019-18581 | Missing Authorization vulnerability in Dell products Dell EMC Data Protection Advisor versions 6.3, 6.4, 6.5, 18.2 versions prior to patch 83, and 19.1 versions prior to patch 71 contain a server missing authorization vulnerability in the REST API. | 9.0 |
2020-03-17 | CVE-2020-1720 | Missing Authorization vulnerability in multiple products A flaw was found in PostgreSQL's "ALTER ... | 6.5 |
2020-03-17 | CVE-2019-20407 | Missing Authorization vulnerability in Atlassian Jira Data Center and Jira Server The ConfigureBambooRelease resource in Jira Software and Jira Software Data Center before version 8.6.1 allows authenticated remote attackers to view release version information in projects that they do not have access to through an missing authorisation check. | 4.0 |
2020-03-16 | CVE-2020-10239 | Missing Authorization vulnerability in Joomla Joomla! An issue was discovered in Joomla! before 3.9.16. | 6.5 |
2020-03-16 | CVE-2018-13063 | Missing Authorization vulnerability in Easyappointments Easy!Appointments Easy!Appointments 1.3.0 has a Missing Authorization issue allowing retrieval of hashed passwords and salts. | 5.0 |
2020-03-13 | CVE-2020-10073 | Missing Authorization vulnerability in Gitlab GitLab EE 12.4.2 through 12.8.1 allows Denial of Service. | 5.0 |