Vulnerabilities > Missing Authorization

DATE CVE VULNERABILITY TITLE RISK
2020-12-14 CVE-2020-0440 Missing Authorization vulnerability in Google Android 11.0
In createVirtualDisplay of DisplayManagerService.java, there is a possible way to create a trusted virtual display due to a missing permission check.
local
low complexity
google CWE-862
7.8
2020-12-11 CVE-2020-26415 Missing Authorization vulnerability in Gitlab
Information about the starred projects for private user profiles was exposed via the GraphQL API starting from 12.2 via the REST API.
network
low complexity
gitlab CWE-862
4.3
2020-12-11 CVE-2020-26408 Missing Authorization vulnerability in Gitlab
A limited information disclosure vulnerability exists in Gitlab CE/EE from >= 12.2 to <13.4.7, >=13.5 to <13.5.5, and >=13.6 to <13.6.2 that allows an attacker to view limited information in a user's private profile.
network
low complexity
gitlab CWE-862
5.3
2020-12-09 CVE-2020-25499 Missing Authorization vulnerability in Totolink products
TOTOLINK A3002RU-V2.0.0 B20190814.1034 allows authenticated remote users to modify the system's 'Run Command'.
network
low complexity
totolink CWE-862
8.8
2020-12-09 CVE-2020-26832 Missing Authorization vulnerability in SAP Netweaver Application Server Abap and S/4 Hana
SAP AS ABAP (SAP Landscape Transformation), versions - 2011_1_620, 2011_1_640, 2011_1_700, 2011_1_710, 2011_1_730, 2011_1_731, 2011_1_752, 2020 and SAP S4 HANA (SAP Landscape Transformation), versions - 101, 102, 103, 104, 105, allow a high privileged user to execute an RFC function module to which access should be restricted; however, due to missing authorization, an attacker can get access to some sensitive internal information of the vulnerable SAP system or make vulnerable SAP systems completely unavailable.
network
low complexity
sap CWE-862
7.6
2020-12-09 CVE-2020-26830 Missing Authorization vulnerability in SAP Solution Manager 7.20
SAP Solution Manager 7.2 (User Experience Monitoring), version - 7.2, does not perform necessary authorization checks for an authenticated user.
network
low complexity
sap CWE-862
8.1
2020-12-09 CVE-2020-27349 Missing Authorization vulnerability in Canonical Ubuntu Linux
Aptdaemon performed policykit checks after interacting with potentially untrusted files with elevated privileges.
local
low complexity
canonical CWE-862
5.5
2020-12-08 CVE-2020-14205 Missing Authorization vulnerability in Divebook Project Divebook 1.1.4
The DiveBook plugin 1.1.4 for WordPress is prone to improper access control in the Log Dive form because it fails to perform authorization checks.
network
low complexity
divebook-project CWE-862
5.3
2020-12-08 CVE-2020-25629 Missing Authorization vulnerability in Moodle
A vulnerability was found in Moodle where users with "Log in as" capability in a course context (typically, course managers) may gain access to some site administration capabilities by "logging in as" a System manager.
network
low complexity
moodle CWE-862
8.8
2020-12-03 CVE-2020-23740 Missing Authorization vulnerability in Drivergenius 9.61.5480.28
In DriverGenius 9.61.5480.28 there is a local privilege escalation vulnerability in the driver wizard; attackers can use constructed programs to increase user privileges.
local
low complexity
drivergenius CWE-862
7.8