Vulnerabilities > Missing Authorization
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-08-03 | CVE-2023-30950 | Missing Authorization vulnerability in Palantir Foundry Campaigns The foundry campaigns service was found to be vulnerable to an unauthenticated information disclosure in a rest endpoint | 5.9 |
2023-08-03 | CVE-2023-4124 | Missing Authorization vulnerability in Answer Missing Authorization in GitHub repository answerdev/answer prior to v1.1.1. | 6.5 |
2023-08-02 | CVE-2023-3426 | Missing Authorization vulnerability in Liferay Digital Experience Platform and Liferay Portal The organization selector in Liferay Portal 7.4.3.81 through 7.4.3.85, and Liferay DXP 7.4 update 81 through 85 does not check user permission, which allows remote authenticated users to obtain a list of all organizations. | 4.3 |
2023-07-31 | CVE-2023-38989 | Missing Authorization vulnerability in Jeesite 1.2.6 An issue in the delete function in the UserController class of jeesite v1.2.6 allows authenticated attackers to arbitrarily delete the Administrator's role information. | 4.3 |
2023-07-27 | CVE-2023-38510 | Missing Authorization vulnerability in Tolgee Tolgee is an open-source localization platform. | 8.1 |
2023-07-26 | CVE-2023-3442 | Missing Authorization vulnerability in Jenkins Servicenow Devops A missing authorization vulnerability exists in versions of the Jenkins Plug-in for ServiceNow DevOps prior to 1.38.1 that, if exploited successfully, could cause the unwanted exposure of sensitive information. To address this issue, apply the 1.38.1 version of the Jenkins plug-in for ServiceNow DevOps on your Jenkins server. | 7.5 |
2023-07-26 | CVE-2022-43712 | Missing Authorization vulnerability in Gxsoftware Xperiencentral POST requests to /web/mvc in GX Software XperienCentral version 10.36.0 and earlier were not blocked for uses that are not logged in. | 6.5 |
2023-07-26 | CVE-2023-37049 | Missing Authorization vulnerability in Emlog 2.1.9 emlog 2.1.9 is vulnerable to Arbitrary file deletion via admin\template.php. | 6.5 |
2023-07-21 | CVE-2023-26301 | Missing Authorization vulnerability in HP products Certain HP LaserJet Pro print products are potentially vulnerable to an Elevation of Privilege and/or Information Disclosure related to a lack of authentication with certain endpoints. | 9.8 |
2023-07-20 | CVE-2023-3072 | Missing Authorization vulnerability in Hashicorp Nomad HashiCorp Nomad and Nomad Enterprise 0.7.0 up to 1.5.6 and 1.4.10 ACL policies using a block without a label generates unexpected results. | 3.8 |