Vulnerabilities > Missing Authorization
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-12-17 | CVE-2019-16566 | Missing Authorization vulnerability in Jenkins Team Concert A missing permission check in Jenkins Team Concert Plugin 1.3.0 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | 6.5 |
2019-12-12 | CVE-2019-15932 | Missing Authorization vulnerability in Intesync Solismed 3.3 Intesync Solismed 3.3sp has Incorrect Access Control. | 9.8 |
2019-12-11 | CVE-2019-19604 | Missing Authorization vulnerability in multiple products Arbitrary command execution is possible in Git before 2.20.2, 2.21.x before 2.21.1, 2.22.x before 2.22.2, 2.23.x before 2.23.1, and 2.24.x before 2.24.1 because a "git submodule update" operation can run commands found in the .gitmodules file of a malicious repository. | 7.8 |
2019-12-10 | CVE-2019-13748 | Missing Authorization vulnerability in multiple products Insufficient policy enforcement in developer tools in Google Chrome prior to 79.0.3945.79 allowed a local attacker to obtain potentially sensitive information from process memory via a crafted HTML page. | 6.5 |
2019-12-06 | CVE-2019-2229 | Missing Authorization vulnerability in Google Android In updateWidget of BaseWidgetProvider.java, there is a possible leak of user data due to a missing permission check. | 5.5 |
2019-12-06 | CVE-2019-2218 | Missing Authorization vulnerability in Google Android 10.0 In createSessionInternal of PackageInstallerService.java, there is a possible improper permission grant due to a missing permission check. | 7.8 |
2019-12-06 | CVE-2019-12734 | Missing Authorization vulnerability in Sitevision 4.0/5.0 SiteVision 4 has Incorrect Access Control. | 8.8 |
2019-11-26 | CVE-2019-15998 | Missing Authorization vulnerability in Cisco IOS XR 6.5.1/6.5.2/6.5.3 A vulnerability in the access-control logic of the NETCONF over Secure Shell (SSH) of Cisco IOS XR Software may allow connections despite an access control list (ACL) that is configured to deny access to the NETCONF over SSH of an affected device. | 5.3 |
2019-11-25 | CVE-2019-5865 | Missing Authorization vulnerability in Google Chrome Insufficient policy enforcement in navigations in Google Chrome prior to 76.0.3809.87 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. | 6.5 |
2019-11-25 | CVE-2019-13673 | Missing Authorization vulnerability in Google Chrome Insufficient data validation in developer tools in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 7.4 |