Vulnerabilities > Missing Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-10 | CVE-2024-45591 | Missing Authorization vulnerability in Xwiki XWiki Platform is a generic wiki platform. | 5.3 |
| 2024-09-10 | CVE-2024-45393 | Missing Authorization vulnerability in Cvat Computer Vision Annotation Tool Computer Vision Annotation Tool (CVAT) is an interactive video and image annotation tool for computer vision. | 6.4 |
| 2024-09-10 | CVE-2024-8369 | Missing Authorization vulnerability in Metagauss Eventprime The EventPrime – Events Calendar, Bookings and Tickets plugin for WordPress is vulnerable to unauthorized access to Private or Password-protected events due to missing authorization checks in all versions up to, and including, 4.0.4.3. | 5.3 |
| 2024-09-10 | CVE-2024-41728 | Missing Authorization vulnerability in SAP Netweaver Application Server Abap Due to missing authorization check, SAP NetWeaver Application Server for ABAP and ABAP Platform allows an attacker logged in as a developer to read objects contained in a package. | 2.7 |
| 2024-09-10 | CVE-2024-44112 | Missing Authorization vulnerability in SAP OIL %/ GAS Due to missing authorization check in SAP for Oil & Gas (Transportation and Distribution), an attacker authenticated as a non-administrative user could call a remote-enabled function which will allow them to delete non-sensitive entries in a user data table. | 4.3 |
| 2024-09-09 | CVE-2024-8042 | Missing Authorization vulnerability in Rapid7 Insight Platform Rapid7 Insight Platform versions between November 2019 and August 14, 2024 suffer from missing authorization issues whereby an attacker can intercept local requests to set the name and description of a new user group. | 3.1 |
| 2024-09-06 | CVE-2023-39298 | Missing Authorization vulnerability in Qnap QTS and Quts Hero A missing authorization vulnerability has been reported to affect several QNAP operating system versions. | 7.8 |
| 2024-09-06 | CVE-2024-44408 | Missing Authorization vulnerability in Dlink Dir-823G Firmware 1.0.2B0520181207 D-Link DIR-823G v1.0.2B05_20181207 is vulnerable to Information Disclosure. | 7.5 |
| 2024-09-06 | CVE-2024-7622 | Missing Authorization vulnerability in Jetplugs Revision Manager TMC The Revision Manager TMC plugin for WordPress is vulnerable to unauthorized arbitrary email sending due to a missing capability check on the _a_ajaxQuickEmailTestCallback() function in all versions up to, and including, 2.8.19. | 4.3 |
| 2024-09-06 | CVE-2024-8427 | Missing Authorization vulnerability in Wpshuffle Frontend Post Submission Manager The Frontend Post Submission Manager Lite – Frontend Posting WordPress Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the save_global_settings and process_form_edit functions in all versions up to, and including, 1.2.2. | 4.3 |