Vulnerabilities > Missing Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-16 | CVE-2020-2267 | Missing Authorization vulnerability in Jenkins Mongodb A missing permission check in Jenkins MongoDB Plugin 1.3 and earlier allows attackers with Overall/Read permission to gain access to some metadata of any arbitrary files on the Jenkins controller. | 4.3 |
| 2020-09-16 | CVE-2020-2260 | Missing Authorization vulnerability in Jenkins Perfecto A missing permission check in Jenkins Perfecto Plugin 1.17 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified HTTP URL using attacker-specified credentials. | 4.3 |
| 2020-09-16 | CVE-2020-2255 | Missing Authorization vulnerability in Jenkins Blue Ocean A missing permission check in Jenkins Blue Ocean Plugin 1.23.2 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL. | 4.3 |
| 2020-09-11 | CVE-2020-25283 | Missing Authorization vulnerability in Google Android An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, 9.0, and 10 software. | 9.8 |
| 2020-09-11 | CVE-2020-25282 | Missing Authorization vulnerability in Google Android 10.0 An issue was discovered on LG mobile devices with Android OS 10 software. | 9.8 |
| 2020-09-01 | CVE-2020-2242 | Missing Authorization vulnerability in Jenkins Database A missing permission check in Jenkins database Plugin 1.6 and earlier allows attackers with Overall/Read access to Jenkins to connect to an attacker-specified database server using attacker-specified credentials. | 6.5 |
| 2020-08-31 | CVE-2020-13464 | Missing Authorization vulnerability in Cksic Cks32F103 Firmware The flash memory readout protection in China Key Systems & Integrated Circuit CKS32F103 devices allows physical attackers to extract firmware via the debug interface by utilizing the CPU or DMA module. | 4.2 |
| 2020-08-29 | CVE-2020-24928 | Missing Authorization vulnerability in Premid managers/socketManager.ts in PreMiD through 2.1.3 has a locally hosted socketio web server (port 3020) open to all origins, which allows attackers to obtain sensitive Discord user information. | 5.3 |
| 2020-08-27 | CVE-2020-3394 | Missing Authorization vulnerability in Cisco Nx-Os A vulnerability in the Enable Secret feature of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an authenticated, local attacker to issue the enable command and get full administrative privileges. | 7.8 |
| 2020-08-27 | CVE-2020-4175 | Missing Authorization vulnerability in IBM Security Guardium Insights 2.0.1 IBM Security Guardium Insights 2.0.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. | 5.9 |