Vulnerabilities > Missing Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-16 | CVE-2019-10442 | Missing Authorization vulnerability in Jenkins Icescrum A missing permission check in Jenkins iceScrum Plugin 1.1.5 and earlier allowed attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials. | 4.3 |
| 2019-10-16 | CVE-2019-10439 | Missing Authorization vulnerability in Jenkins CRX Content Package Deployer A missing permission check in Jenkins CRX Content Package Deployer Plugin 1.8.1 and earlier in various 'doFillCredentialsIdItems' methods allowed users with Overall/Read access to enumerate credentials ID of credentials stored in Jenkins. | 4.3 |
| 2019-10-16 | CVE-2019-10438 | Missing Authorization vulnerability in Jenkins CRX Content Package Deployer A missing permission check in Jenkins CRX Content Package Deployer Plugin 1.8.1 and earlier allowed attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | 6.5 |
| 2019-10-15 | CVE-2019-12944 | Missing Authorization vulnerability in Gluehome Glue Smart Lock Firmware 2.7.8 Glue Smart Lock 2.7.8 devices do not properly block guest access in certain situations where the network connection is unavailable. | 7.5 |
| 2019-10-11 | CVE-2019-2110 | Missing Authorization vulnerability in Google Android 9.0 In ScreenRotationAnimation of ScreenRotationAnimation.java, there is a possible capture of a secure screen due to a missing permission check. | 5.5 |
| 2019-10-08 | CVE-2019-0367 | Missing Authorization vulnerability in SAP Netweaver Process Integration 1.0/2.0 SAP NetWeaver Process Integration (B2B Toolkit), before versions 1.0 and 2.0, does not perform necessary authorization checks for an authenticated user, allowing the import of B2B table content that leads to Missing Authorization Check. | 4.3 |
| 2019-10-01 | CVE-2019-17055 | Missing Authorization vulnerability in multiple products base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-b91ee4aa2a21. | 3.3 |
| 2019-09-27 | CVE-2019-9380 | Missing Authorization vulnerability in Google Android 10.0 In the settings UI, there is a possible spoofing vulnerability due to a missing permission check. | 6.5 |
| 2019-09-27 | CVE-2019-9377 | Missing Authorization vulnerability in Google Android 10.0 In FingerprintService, there is a possible bypass for operating system protections that isolate user profiles from each other due to a missing permission check. | 3.3 |
| 2019-09-27 | CVE-2019-9351 | Missing Authorization vulnerability in Google Android 10.0 In SyncStatusObserver, there is a possible bypass for operating system protections that isolate user profiles from each other due to a missing permission check. | 3.3 |