Vulnerabilities > Missing Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-04-08 | CVE-2023-52352 | Missing Authorization vulnerability in Google Android 13.0/14.0 In Network Adapter Service, there is a possible missing permission check. | 5.5 |
| 2024-03-11 | CVE-2024-0052 | Missing Authorization vulnerability in Google Android 14.0 In multiple functions of healthconnect, there is a possible leakage of exercise route data due to a missing permission check. | 3.3 |
| 2024-03-07 | CVE-2024-28230 | Missing Authorization vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2024.1.25893 attaching/detaching workflow to a project was possible without project admin permissions | 6.5 |
| 2024-02-16 | CVE-2024-0037 | Missing Authorization vulnerability in Google Android In applyCustomDescription of SaveUi.java, there is a possible way to view images belonging to a different user due to a missing permission check. | 3.3 |
| 2024-02-16 | CVE-2024-0038 | Missing Authorization vulnerability in Google Android 14.0 In injectInputEventToInputFilter of AccessibilityManagerService.java, there is a possible arbitrary input event injection due to a missing permission check. | 7.8 |
| 2024-02-15 | CVE-2023-40105 | Missing Authorization vulnerability in Google Android In backupAgentCreated of ActivityManagerService.java, there is a possible way to leak sensitive data due to a missing permission check. | 5.5 |
| 2024-02-15 | CVE-2023-40113 | Missing Authorization vulnerability in Google Android In multiple locations, there is a possible way for apps to access cross-user message data due to a missing permission check. | 5.5 |
| 2024-02-13 | CVE-2023-26562 | Missing Authorization vulnerability in Zimbra Collaboration 8.8.15/9.0.0 In Zimbra Collaboration (ZCS) 8.8.15 and 9.0, a closed account (with 2FA and generated passwords) can send e-mail messages when configured for Imap/smtp. | 6.5 |
| 2024-02-10 | CVE-2024-0595 | Missing Authorization vulnerability in Getawesomesupport Awesome Support The Awesome Support – WordPress HelpDesk & Support Plugin plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the wpas_get_users() function hooked via AJAX in all versions up to, and including, 6.1.7. | 4.3 |
| 2024-02-09 | CVE-2024-1122 | Missing Authorization vulnerability in Themewinter Eventin The Event Manager, Events Calendar, Events Tickets for WooCommerce – Eventin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the export_data() function in all versions up to, and including, 3.3.50. | 5.3 |