Vulnerabilities > Missing Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-03-22 | CVE-2019-9924 | Missing Authorization vulnerability in multiple products rbash in Bash before 4.4-beta2 did not prevent the shell user from modifying BASH_CMDS, thus allowing the user to execute any command with the permissions of the shell. | 7.8 |
| 2019-03-21 | CVE-2018-4059 | Missing Authorization vulnerability in Coturn Project Coturn An exploitable unsafe default configuration vulnerability exists in the TURN server function of coTURN prior to version 4.5.0.9. | 9.8 |
| 2019-03-21 | CVE-2018-17491 | Missing Authorization vulnerability in Hidglobal Easylobby Solo 11.0.4563 EasyLobby Solo could allow a local attacker to gain elevated privileges on the system. | 7.8 |
| 2019-03-21 | CVE-2018-17490 | Missing Authorization vulnerability in Hidglobal Easylobby Solo 11.0.4563 EasyLobby Solo is vulnerable to a denial of service. | 7.1 |
| 2019-03-21 | CVE-2018-10093 | Missing Authorization vulnerability in Audiocodes 420Hd IP Phone Firmware 2.2.12.126 AudioCodes IP phone 420HD devices using firmware version 2.2.12.126 allow Remote Code Execution. | 8.8 |
| 2019-03-13 | CVE-2019-9742 | Missing Authorization vulnerability in Gdata-Software Total Security 25.4.0.3 gdwfpcd.sys in G Data Total Security before 2019-02-22 allows an attacker to bypass ACLs because Interpreted Device Characteristics lacks FILE_DEVICE_SECURE_OPEN and therefore files and directories "inside" the \\.\gdwfpcd device are not properly protected, leading to unintended impersonation or object creation. | 7.5 |
| 2019-03-12 | CVE-2019-0270 | Missing Authorization vulnerability in SAP products ABAP Server of SAP NetWeaver and ABAP Platform fail to perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. | 8.8 |
| 2019-03-12 | CVE-2019-9713 | Missing Authorization vulnerability in Joomla Joomla! An issue was discovered in Joomla! before 3.9.4. | 7.5 |
| 2019-03-08 | CVE-2019-1003037 | Missing Authorization vulnerability in Jenkins Azure VM Agents An information exposure vulnerability exists in Jenkins Azure VM Agents Plugin 0.8.0 and earlier in src/main/java/com/microsoft/azure/vmagent/AzureVMCloud.java that allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. | 6.5 |
| 2019-03-08 | CVE-2019-1003036 | Missing Authorization vulnerability in Jenkins Azure VM Agents A data modification vulnerability exists in Jenkins Azure VM Agents Plugin 0.8.0 and earlier in src/main/java/com/microsoft/azure/vmagent/AzureVMAgent.java that allows attackers with Overall/Read permission to attach a public IP address to an Azure VM agent. | 4.3 |