Vulnerabilities > Missing Authorization
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-08-25 | CVE-2023-40530 | Missing Authorization vulnerability in Skylark Improper authorization in handler for custom URL scheme issue in 'Skylark' App for Android 6.2.13 and earlier and 'Skylark' App for iOS 6.2.13 and earlier allows an attacker to lead a user to access an arbitrary website via another application installed on the user's device. | 4.7 |
2023-08-24 | CVE-2023-38508 | Missing Authorization vulnerability in Enalean Tuleap Tuleap is an open source suite to improve management of software developments and collaboration. | 4.3 |
2023-08-22 | CVE-2020-23793 | Missing Authorization vulnerability in Spice-Space Spice-Server 0.14.06El76.1 An issue was discovered in spice-server spice-server-0.14.0-6.el7_6.1.x86_64 of Redhat's VDI product. | 8.6 |
2023-08-21 | CVE-2023-4302 | Missing Authorization vulnerability in Jenkins Fortify A missing permission check in Jenkins Fortify Plugin 22.1.38 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | 4.3 |
2023-08-20 | CVE-2023-4434 | Missing Authorization vulnerability in Hamza417 Inure Missing Authorization in GitHub repository hamza417/inure prior to build88. | 6.1 |
2023-08-16 | CVE-2023-40344 | Missing Authorization vulnerability in Jenkins Delphix A missing permission check in Jenkins Delphix Plugin 3.0.2 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. | 4.3 |
2023-08-16 | CVE-2023-39507 | Missing Authorization vulnerability in Recruit Rikunabi Next Improper authorization in the custom URL scheme handler in "Rikunabi NEXT" App for Android prior to ver. | 6.1 |
2023-08-15 | CVE-2023-40027 | Missing Authorization vulnerability in Keystonejs Keystone Keystone is an open source headless CMS for Node.js — built with GraphQL and React. | 5.3 |
2023-08-15 | CVE-2023-39438 | Missing Authorization vulnerability in SAP Contributor License Agreement Assistant A missing authorization check allows an arbitrary authenticated user to perform certain operations through the API of CLA-assistant by executing specific additional steps. | 8.1 |
2023-08-14 | CVE-2023-21234 | Missing Authorization vulnerability in Google Android 11.0/13.0 In launchConfirmationActivity of ChooseLockSettingsHelper.java, there is a possible way to enable developer options without the lockscreen PIN due to a missing permission check. | 5.5 |