Vulnerabilities > Missing Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-15 | CVE-2021-3987 | Missing Authorization vulnerability in Janeczku Calibre-Web An improper access control vulnerability exists in janeczku/calibre-web. | 4.3 |
| 2024-11-15 | CVE-2024-10582 | Missing Authorization vulnerability in Smartwpress Music Player for Elementor The Music Player for Elementor – Audio Player & Podcast Player plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the import_mpfe_template() function in all versions up to, and including, 2.4.1. | 4.3 |
| 2024-11-15 | CVE-2024-10897 | Missing Authorization vulnerability in Themeum Tutor LMS Elementor Addons The Tutor LMS Elementor Addons plugin for WordPress is vulnerable to unauthorized plugin installation due to a missing capability check on the install_etlms_dependency_plugin() function in all versions up to, and including, 2.1.5. | 4.3 |
| 2024-11-14 | CVE-2022-31666 | Missing Authorization vulnerability in Linuxfoundation Harbor Harbor fails to validate user permissions while deleting Webhook policies, allowing malicious users to view, update and delete Webhook policies of other users. The attacker could modify Webhook policies configured in other projects. | 5.4 |
| 2024-11-13 | CVE-2024-40661 | Missing Authorization vulnerability in Google Android In mayAdminGrantPermission of AdminRestrictedPermissionsUtils.java, there is a possible way to access the microphone due to a missing permission check. | 7.8 |
| 2024-11-13 | CVE-2024-40671 | Missing Authorization vulnerability in Google Android In DevmemIntChangeSparse2 of devicemem_server.c, there is a possible way to achieve arbitrary code execution due to a missing permission check. | 7.8 |
| 2024-11-13 | CVE-2024-43088 | Missing Authorization vulnerability in Google Android In multiple functions in AppInfoBase.java, there is a possible way to manipulate app permission settings belonging to another user on the device due to a missing permission check. | 7.8 |
| 2024-11-13 | CVE-2024-43089 | Missing Authorization vulnerability in Google Android In updateInternal of MediaProvider.java , there is a possible access of another app's files due to a missing permission check. | 7.8 |
| 2024-11-13 | CVE-2024-43090 | Missing Authorization vulnerability in Google Android In multiple locations, there is a possible cross-user image read due to a missing permission check. | 5.0 |
| 2024-11-13 | CVE-2024-10802 | The Hash Elements plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the hash_elements_get_posts_title_by_id() function in all versions up to, and including, 1.4.7. | 5.3 |