Vulnerabilities > Missing Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-09-03 | CVE-2019-15871 | Missing Authorization vulnerability in Wpbrigade Loginpress The LoginPress plugin before 1.1.4 for WordPress has no capability check for updates to settings. | 4.3 |
| 2019-08-29 | CVE-2019-13408 | Missing Authorization vulnerability in multiple products A relative path traversal vulnerability found in Advan VD-1 firmware versions up to 230. | 7.5 |
| 2019-08-29 | CVE-2019-11248 | Missing Authorization vulnerability in Kubernetes The debugging endpoint /debug/pprof is exposed over the unauthenticated Kubelet healthz port. | 8.2 |
| 2019-08-27 | CVE-2019-15648 | Missing Authorization vulnerability in Elearningfreak Insert or Embed Articulate Content The insert-or-embed-articulate-content-into-wordpress plugin before 4.29991 for WordPress has insufficient restrictions on deleting or renaming by a Subscriber. | 6.5 |
| 2019-08-23 | CVE-2019-13013 | Missing Authorization vulnerability in Obdev Little Snitch 4.3.0/4.3.1/4.3.2 Little Snitch versions 4.3.0 to 4.3.2 have a local privilege escalation vulnerability in their privileged helper tool. | 5.5 |
| 2019-08-23 | CVE-2019-8445 | Missing Authorization vulnerability in Atlassian Jira Server Several worklog rest resources in Jira before version 7.13.7, and from version 8.0.0 before version 8.3.2 allow remote attackers to view worklog time information via a missing permissions check. | 5.3 |
| 2019-08-20 | CVE-2019-2137 | Missing Authorization vulnerability in Google Android 9.0 In the endCall() function of TelecomManager.java, there is a possible Denial of Service due to a missing permission check. | 5.5 |
| 2019-08-18 | CVE-2019-15136 | Missing Authorization vulnerability in Eprosima Fast-Rtps The Access Control plugin in eProsima Fast RTPS through 1.9.0 does not check partition permissions from remote participant connections, which can lead to policy bypass for a secure Data Distribution Service (DDS) partition. | 7.5 |
| 2019-08-15 | CVE-2019-14786 | Missing Authorization vulnerability in Rankmath SEO The Rank Math SEO plugin 1.0.27 for WordPress allows non-admin users to reset the settings via the wp-admin/admin-post.php reset-cmb parameter. | 6.5 |
| 2019-08-14 | CVE-2019-0349 | Missing Authorization vulnerability in SAP Advanced Business Application Programming Platform Kernel SAP Kernel (ABAP Debugger), versions KRNL32NUC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL32UC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL64NUC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, KRNL64UC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, 7.73, KERNEL 7.21, 7.49, 7.53, 7.73, 7.75, 7.76, 7.77, allows a user to execute “Go to statement” without possessing the authorization S_DEVELOP DEBUG 02, resulting in Missing Authorization Check | 7.2 |