Vulnerabilities > Missing Authorization
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-07-10 | CVE-2019-12470 | Missing Authorization vulnerability in multiple products Wikimedia MediaWiki through 1.32.1 has Incorrect Access Control. | 4.0 |
2019-07-10 | CVE-2019-12469 | Missing Authorization vulnerability in multiple products MediaWiki through 1.32.1 has Incorrect Access Control. | 4.0 |
2019-07-09 | CVE-2019-13450 | Missing Authorization vulnerability in multiple products In the Zoom Client through 4.4.4 and RingCentral 7.0.136380.0312 on macOS, remote attackers can force a user to join a video call with the video camera active. | 6.5 |
2019-07-08 | CVE-2019-12926 | Missing Authorization vulnerability in Mailenable MailEnable Enterprise Premium 10.23 did not use appropriate access control checks in a number of areas. | 6.5 |
2019-07-01 | CVE-2019-7272 | Missing Authorization vulnerability in Optergy Enterprise and Proton Optergy Proton/Enterprise devices allow Username Disclosure. | 5.0 |
2019-06-29 | CVE-2019-13047 | Missing Authorization vulnerability in Toaruos Project Toaruos kernel/sys/syscall.c in ToaruOS through 1.10.9 has incorrect access control in sys_sysfunc case 9 for TOARU_SYS_FUNC_SETHEAP, allowing arbitrary kernel pages to be mapped into user land, leading to root access. | 7.8 |
2019-06-25 | CVE-2019-4158 | Missing Authorization vulnerability in IBM Security Access Manager IBM Security Access Manager 9.0.1 through 9.0.6 does not prove that a user's identity is correct which can lead to the exposure of resources or functionality to unintended actors. | 5.4 |
2019-06-20 | CVE-2019-6961 | Missing Authorization vulnerability in Rdkcentral Rdkb Ccsppandm Rdkb201812171 Incorrect access control in actionHandlerUtility.php in the RDK RDKB-20181217-1 WebUI module allows a logged in user to control DDNS, QoS, RIP, and other privileged configurations (intended only for the network operator) by sending an HTTP POST to the PHP backend, because the page filtering for non-superuser (in header.php) is done only for GET requests and not for direct AJAX calls. | 4.0 |
2019-06-19 | CVE-2019-2005 | Missing Authorization vulnerability in Google Android 8.0/8.1/9.0 In onPermissionGrantResult of GrantPermissionsActivity.java, there is a possible incorrectly granted permission due to a missing permission check. | 6.8 |
2019-06-12 | CVE-2019-6580 | Missing Authorization vulnerability in Siemens products A vulnerability has been identified in Siveillance VMS 2017 R2 (All versions < V11.2a), Siveillance VMS 2018 R1 (All versions < V12.1a), Siveillance VMS 2018 R2 (All versions < V12.2a), Siveillance VMS 2018 R3 (All versions < V12.3a), Siveillance VMS 2019 R1 (All versions < V13.1a). | 7.5 |