Vulnerabilities > Missing Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-02-26 | CVE-2019-19989 | Missing Authorization vulnerability in Seling Visual Access Manager 4.15.0/4.29.0 An issue was discovered in Selesta Visual Access Manager (VAM) 4.15.0 through 4.29. | 7.5 |
| 2020-02-19 | CVE-2012-0055 | Missing Authorization vulnerability in multiple products OverlayFS in the Linux kernel before 3.0.0-16.28, as used in Ubuntu 10.0.4 LTS and 11.10, is missing inode security checks which could allow attackers to bypass security restrictions and perform unauthorized actions. | 7.8 |
| 2020-02-19 | CVE-2012-6614 | Missing Authorization vulnerability in Dlink Dsr-250N Firmware D-Link DSR-250N devices before 1.08B31 allow remote authenticated users to obtain "persistent root access" via the BusyBox CLI, as demonstrated by overwriting the super user password. | 7.2 |
| 2020-02-18 | CVE-2013-4226 | Missing Authorization vulnerability in Drupal Authenticated User Page Caching The Authenticated User Page Caching (Authcache) module 7.x-1.x before 7.x-1.5 for Drupal does not properly restrict access to cached pages, which allows remote attackers with the same role-combination as the superuser to obtain sensitive information via the cached pages of the superuser. | 6.5 |
| 2020-02-13 | CVE-2020-0023 | Missing Authorization vulnerability in Google Android 10.0 In setPhonebookAccessPermission of AdapterService.java, there is a possible disclosure of user contacts over bluetooth due to a missing permission check. | 5.5 |
| 2020-02-12 | CVE-2020-6188 | Missing Authorization vulnerability in SAP ERP and S/4 Hana VAT Pro-Rata reports in SAP ERP (SAP_APPL versions 600, 602, 603, 604, 605, 606, 616 and SAP_FIN versions 617, 618, 700, 720, 730) and SAP S/4 HANA (versions 100, 101, 102, 103, 104) do not perform necessary authorization checks for an authenticated user leading to Missing Authorization Check. | 8.8 |
| 2020-02-12 | CVE-2020-6183 | Missing Authorization vulnerability in SAP Host Agent 7.21 SAP Host Agent, version 7.21, allows an unprivileged user to read the shared memory or write to the shared memory by sending request to the main SAPOSCOL process and receive responses that may contain data read with user root privileges e.g. | 6.5 |
| 2020-02-11 | CVE-2020-6393 | Missing Authorization vulnerability in multiple products Insufficient policy enforcement in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 6.5 |
| 2020-02-07 | CVE-2020-8811 | Missing Authorization vulnerability in Bludit 3.10.0 ajax/profile-picture-upload.php in Bludit 3.10.0 allows authenticated users to change other users' profile pictures. | 4.3 |
| 2020-02-06 | CVE-2020-8772 | Missing Authorization vulnerability in Revmakx Infinitewp Client The InfiniteWP Client plugin before 1.9.4.5 for WordPress has a missing authorization check in iwp_mmb_set_request in init.php. | 9.8 |