Vulnerabilities > Missing Authorization
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-01-26 | CVE-2024-23388 | Missing Authorization vulnerability in Mercari 3.51.0/3.52.0/4.49.1 Improper authorization in handler for custom URL scheme issue in "Mercari" App for Android prior to version 5.78.0 allows a remote attacker to lead a user to access an arbitrary website via the vulnerable App. | 6.1 |
2024-01-25 | CVE-2024-21630 | Missing Authorization vulnerability in Zulip Server Zulip is an open-source team collaboration tool. | 4.3 |
2024-01-25 | CVE-2024-0617 | Missing Authorization vulnerability in Quanticedgesolutions Category Discount Woocommerce The Category Discount Woocommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wpcd_save_discount() function in all versions up to, and including, 4.12. | 5.3 |
2024-01-24 | CVE-2023-50944 | Missing Authorization vulnerability in Apache Airflow Apache Airflow, versions before 2.8.1, have a vulnerability that allows an authenticated user to access the source code of a DAG to which they don't have access. This vulnerability is considered low since it requires an authenticated user to exploit it. | 6.5 |
2024-01-22 | CVE-2024-23752 | Missing Authorization vulnerability in Gabrieleventuri Pandasai GenerateSDFPipeline in synthetic_dataframe in PandasAI (aka pandas-ai) through 1.5.17 allows attackers to trigger the generation of arbitrary Python code that is executed by SDFCodeExecutor. | 9.8 |
2024-01-20 | CVE-2024-0679 | Missing Authorization vulnerability in Themegrill Colormag The ColorMag theme for WordPress is vulnerable to unauthorized access due to a missing capability check on the plugin_action_callback() function in all versions up to, and including, 3.1.2. | 6.5 |
2024-01-18 | CVE-2023-48339 | Missing Authorization vulnerability in Google Android 11.0/12.0/13.0 In jpg driver, there is a possible missing permission check. | 4.4 |
2024-01-17 | CVE-2022-42884 | Missing Authorization vulnerability in Themeinprogress WIP Custom Login Missing Authorization vulnerability in ThemeinProgress WIP Custom Login.This issue affects WIP Custom Login: from n/a through 1.2.7. | 8.8 |
2024-01-17 | CVE-2022-41786 | Missing Authorization vulnerability in Wpjobportal WP JOB Portal Missing Authorization vulnerability in WP Job Portal WP Job Portal – A Complete Job Board.This issue affects WP Job Portal – A Complete Job Board: from n/a through 2.0.1. | 9.8 |
2024-01-17 | CVE-2022-41790 | Missing Authorization vulnerability in Codepeople WP Time Slots Booking Form Missing Authorization vulnerability in CodePeople WP Time Slots Booking Form.This issue affects WP Time Slots Booking Form: from n/a through 1.1.76. | 8.8 |