Vulnerabilities > Missing Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-07 | CVE-2018-7688 | Missing Authorization vulnerability in Opensuse Open Build Service A missing permission check in the review handling of openSUSE Open Build Service before 2.9.3 allowed all authenticated users to modify sources in projects where they do not have write permissions. | 6.5 |
| 2018-06-07 | CVE-2018-0322 | Missing Authorization vulnerability in Cisco products A vulnerability in the web management interface of Cisco Prime Collaboration Provisioning (PCP) could allow an authenticated, remote attacker to modify sensitive data that is associated with arbitrary accounts on an affected device. | 8.8 |
| 2018-06-07 | CVE-2018-0317 | Missing Authorization vulnerability in Cisco products A vulnerability in the web interface of Cisco Prime Collaboration Provisioning (PCP) could allow an authenticated, remote attacker to escalate their privileges. | 8.8 |
| 2018-05-22 | CVE-2018-10092 | Missing Authorization vulnerability in Dolibarr The admin panel in Dolibarr before 7.0.2 might allow remote attackers to execute arbitrary commands by leveraging support for updating the antivirus command and parameters used to scan file uploads. | 8.0 |
| 2018-05-21 | CVE-2018-8012 | Missing Authorization vulnerability in multiple products No authentication/authorization is enforced when a server attempts to join a quorum in Apache ZooKeeper before 3.4.10, and 3.5.0-alpha through 3.5.3-beta. | 7.5 |
| 2018-05-09 | CVE-2018-2419 | Missing Authorization vulnerability in SAP Ea-Finserv, S4Core and Sapscore SAP Enterprise Financial Services (SAPSCORE 1.11, 1.12; S4CORE 1.01, 1.02; EA-FINSERV 6.04, 6.05, 6.06, 6.16, 6.17, 6.18, 8.0) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. | 4.6 |
| 2018-05-04 | CVE-2018-10251 | Missing Authorization vulnerability in Sierrawireless Aleos A vulnerability in Sierra Wireless AirLink GX400, GX440, ES440, and LS300 routers with firmware before 4.4.7 and GX450, ES450, RV50, RV50X, MP70, and MP70E routers with firmware before 4.9.3 could allow an unauthenticated remote attacker to execute arbitrary code and gain full control of an affected system, including issuing commands with root privileges. | 9.8 |
| 2018-04-25 | CVE-2018-10207 | Missing Authorization vulnerability in Vaultize Enterprise File Sharing 17.05.31 An issue was discovered in Vaultize Enterprise File Sharing 17.05.31. | 5.3 |
| 2018-04-10 | CVE-2018-2413 | Missing Authorization vulnerability in SAP Disclosure Management 10.1 SAP Disclosure Management 10.1 does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. | 8.8 |
| 2018-04-10 | CVE-2018-2412 | Missing Authorization vulnerability in SAP Disclosure Management 10.1 SAP Disclosure Management 10.1 does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. | 8.8 |