Vulnerabilities > Missing Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-09-14 | CVE-2017-1002151 | Missing Authorization vulnerability in Redhat Pagure Pagure 3.3.0 and earlier is vulnerable to loss of confidentially due to improper authorization | 7.5 |
| 2017-09-14 | CVE-2017-1002007 | Missing Authorization vulnerability in Dtracker Project Dtracker 1.5 Vulnerability in wordpress plugin DTracker v1.5, The code dtracker/save_mail.php doesn't check that the user is authorized before injecting new contacts into the wp_contact table. | 7.5 |
| 2017-09-14 | CVE-2017-1002006 | Missing Authorization vulnerability in Dtracker Project Dtracker 1.5 Vulnerability in wordpress plugin DTracker v1.5, The code dtracker/save_contact.php doesn't check that the user is authorized before injecting new contacts into the wp_contact table. | 7.5 |
| 2017-08-18 | CVE-2017-12582 | Missing Authorization vulnerability in Qnap Ts-212P Firmware 4.2.1 Unprivileged user can access all functions in the Surveillance Station component in QNAP TS212P devices with firmware 4.2.1 build 20160601. | 9.8 |
| 2017-08-01 | CVE-2017-11135 | Missing Authorization vulnerability in Stashcat Heinekingmedia 0.0.80W/0.0.86W/1.7.5 An issue was discovered in heinekingmedia StashCat through 1.7.5 for Android, through 0.0.80w for Web, and through 0.0.86 for Desktop. | 7.5 |
| 2017-07-28 | CVE-2017-6251 | Missing Authorization vulnerability in Nvidia GPU Driver NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer handler where a missing permissions check may allow users to gain access to arbitrary physical system memory, which may lead to an escalation of privileges. | 7.8 |
| 2017-07-17 | CVE-2017-1000056 | Missing Authorization vulnerability in Kubernetes Kubernetes version 1.5.0-1.5.4 is vulnerable to a privilege escalation in the PodSecurityPolicy admission plugin resulting in the ability to make use of any existing PodSecurityPolicy object. | 9.8 |
| 2017-06-19 | CVE-2017-4985 | Missing Authorization vulnerability in EMC Vnx1 Firmware and Vnx2 Firmware In EMC VNX2 versions prior to OE for File 8.1.9.211 and VNX1 versions prior to OE for File 7.1.80.8, a local authenticated user may potentially escalate their privileges to root due to authorization checks not being performed on certain perl scripts. | 7.8 |
| 2017-06-14 | CVE-2017-7914 | Missing Authorization vulnerability in Rockwellautomation Panelview Plus 6 700-1500 Firmware A Missing Authorization issue was discovered in Rockwell Automation PanelView Plus 6 700-1500 6.00.04, 6.00.05, 6.00.42, 6.00-20140306, 6.10.20121012, 6.10-20140122, 7.00-20121012, 7.00-20130108, 7.00-20130325, 7.00-20130619, 7.00-20140128, 7.00-20140310, 7.00-20140429, 7.00-20140621, 7.00-20140729, 7.00-20141022, 8.00-20140730, and 8.00-20141023. | 8.6 |
| 2017-06-14 | CVE-2017-7677 | Missing Authorization vulnerability in Apache Ranger In environments that use external location for hive tables, Hive Authorizer in Apache Ranger before 0.7.1 should be checking RWX permission for create table. | 5.9 |