Vulnerabilities > Missing Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-09-05 | CVE-2019-15953 | Missing Authorization vulnerability in Totaljs Total.Js CMS 12.0.0 An issue was discovered in Total.js CMS 12.0.0. | 6.5 |
| 2019-09-03 | CVE-2019-15871 | Missing Authorization vulnerability in Wpbrigade Loginpress The LoginPress plugin before 1.1.4 for WordPress has no capability check for updates to settings. | 4.0 |
| 2019-08-23 | CVE-2019-13013 | Missing Authorization vulnerability in Obdev Little Snitch 4.3.0/4.3.1/4.3.2 Little Snitch versions 4.3.0 to 4.3.2 have a local privilege escalation vulnerability in their privileged helper tool. | 5.5 |
| 2019-08-23 | CVE-2019-8445 | Missing Authorization vulnerability in Atlassian Jira Server Several worklog rest resources in Jira before version 7.13.7, and from version 8.0.0 before version 8.3.2 allow remote attackers to view worklog time information via a missing permissions check. | 5.0 |
| 2019-08-18 | CVE-2019-15136 | Missing Authorization vulnerability in Eprosima Fast-Rtps The Access Control plugin in eProsima Fast RTPS through 1.9.0 does not check partition permissions from remote participant connections, which can lead to policy bypass for a secure Data Distribution Service (DDS) partition. | 5.0 |
| 2019-08-15 | CVE-2019-14786 | Missing Authorization vulnerability in Rankmath SEO The Rank Math SEO plugin 1.0.27 for WordPress allows non-admin users to reset the settings via the wp-admin/admin-post.php reset-cmb parameter. | 6.5 |
| 2019-08-14 | CVE-2019-1170 | Missing Authorization vulnerability in Microsoft products An elevation of privilege vulnerability exists when reparse points are created by sandboxed processes allowing sandbox escape. | 7.9 |
| 2019-08-14 | CVE-2019-0349 | Missing Authorization vulnerability in SAP Advanced Business Application Programming Platform Kernel SAP Kernel (ABAP Debugger), versions KRNL32NUC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL32UC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL64NUC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, KRNL64UC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, 7.73, KERNEL 7.21, 7.49, 7.53, 7.73, 7.75, 7.76, 7.77, allows a user to execute “Go to statement” without possessing the authorization S_DEVELOP DEBUG 02, resulting in Missing Authorization Check | 6.5 |
| 2019-08-09 | CVE-2019-14793 | Missing Authorization vulnerability in Metabox Meta BOX The Meta Box plugin before 4.16.3 for WordPress allows file deletion via ajax, with the wp-admin/admin-ajax.php?action=rwmb_delete_file attachment_id parameter. | 5.5 |
| 2019-08-07 | CVE-2019-10389 | Missing Authorization vulnerability in Jenkins Relution Enterprise Appstore Publisher 1.0/1.24 A missing permission check in Jenkins Relution Enterprise Appstore Publisher Plugin 1.24 and earlier allows attackers to have Jenkins initiate an HTTP connection to an attacker-specified server. | 4.3 |