Vulnerabilities > Missing Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-12-10 | CVE-2019-13748 | Missing Authorization vulnerability in multiple products Insufficient policy enforcement in developer tools in Google Chrome prior to 79.0.3945.79 allowed a local attacker to obtain potentially sensitive information from process memory via a crafted HTML page. | 6.5 |
| 2019-12-06 | CVE-2019-2229 | Missing Authorization vulnerability in Google Android In updateWidget of BaseWidgetProvider.java, there is a possible leak of user data due to a missing permission check. | 5.5 |
| 2019-12-06 | CVE-2019-2218 | Missing Authorization vulnerability in Google Android 10.0 In createSessionInternal of PackageInstallerService.java, there is a possible improper permission grant due to a missing permission check. | 7.8 |
| 2019-12-06 | CVE-2019-12734 | Missing Authorization vulnerability in Sitevision 4.0/5.0 SiteVision 4 has Incorrect Access Control. | 8.8 |
| 2019-11-26 | CVE-2019-15998 | Missing Authorization vulnerability in Cisco IOS XR 6.5.1/6.5.2/6.5.3 A vulnerability in the access-control logic of the NETCONF over Secure Shell (SSH) of Cisco IOS XR Software may allow connections despite an access control list (ACL) that is configured to deny access to the NETCONF over SSH of an affected device. | 5.3 |
| 2019-11-25 | CVE-2019-5865 | Missing Authorization vulnerability in Google Chrome Insufficient policy enforcement in navigations in Google Chrome prior to 76.0.3809.87 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. | 6.5 |
| 2019-11-25 | CVE-2019-13673 | Missing Authorization vulnerability in Google Chrome Insufficient data validation in developer tools in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 7.4 |
| 2019-11-25 | CVE-2019-14822 | Missing Authorization vulnerability in multiple products A flaw was discovered in ibus in versions before 1.5.22 that allows any unprivileged user to monitor and send method calls to the ibus bus of another user due to a misconfiguration in the DBus server setup. | 7.1 |
| 2019-11-22 | CVE-2019-18610 | Missing Authorization vulnerability in multiple products An issue was discovered in manager.c in Sangoma Asterisk through 13.x, 16.x, 17.x and Certified Asterisk 13.21 through 13.21-cert4. | 8.8 |
| 2019-11-22 | CVE-2019-18790 | Missing Authorization vulnerability in multiple products An issue was discovered in channels/chan_sip.c in Sangoma Asterisk 13.x before 13.29.2, 16.x before 16.6.2, and 17.x before 17.0.1, and Certified Asterisk 13.21 before cert5. | 6.5 |