Vulnerabilities > Missing Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-27 | CVE-2023-49003 | Missing Authorization vulnerability in Simplemobiletools Simple Dialer 5.18.1 An issue in simplemobiletools Simple Dialer 5.18.1 allows an attacker to bypass intended access restrictions via interaction with com.simplemobiletools.dialer.activities.DialerActivity. | 5.3 |
| 2023-12-19 | CVE-2023-46212 | Missing Authorization vulnerability in Wpvnteam WP Extra Missing Authorization, Cross-Site Request Forgery (CSRF) vulnerability in TienCOP WP EXtra allows Accessing Functionality Not Properly Constrained by ACLs, Cross Site Request Forgery.This issue affects WP EXtra: from n/a through 6.2. | 8.8 |
| 2023-12-18 | CVE-2023-5949 | Missing Authorization vulnerability in Wpmudev Smartcrawl The SmartCrawl WordPress plugin before 3.8.3 does not prevent unauthorised users from accessing password-protected posts' content. | 7.5 |
| 2023-12-18 | CVE-2023-5056 | Missing Authorization vulnerability in Redhat Service Interconnect 1.0 A flaw was found in the Skupper operator, which may permit a certain configuration to create a service account that would allow an authenticated attacker in the adjacent cluster to view deployments in all namespaces in the cluster. | 4.1 |
| 2023-12-18 | CVE-2023-50976 | Missing Authorization vulnerability in Redpanda Redpanda before 23.1.21 and 23.2.x before 23.2.18 has missing authorization checks in the Transactions API. | 9.8 |
| 2023-12-14 | CVE-2023-48676 | Missing Authorization vulnerability in Acronis Cyber Protect Cloud Agent 21/22/23 Sensitive information disclosure and manipulation due to missing authorization. | 7.1 |
| 2023-12-13 | CVE-2023-50765 | Missing Authorization vulnerability in Jenkins Scriptler A missing permission check in Jenkins Scriptler Plugin 342.v6a_89fd40f466 and earlier allows attackers with Overall/Read permission to read the contents of a Groovy script by knowing its ID. | 4.3 |
| 2023-12-13 | CVE-2023-50767 | Missing Authorization vulnerability in Jenkins Nexus Platform 3.18.003 Missing permission checks in Jenkins Nexus Platform Plugin 3.18.0-03 and earlier allow attackers with Overall/Read permission to send an HTTP request to an attacker-specified URL and parse the response as XML. | 5.4 |
| 2023-12-13 | CVE-2023-50769 | Missing Authorization vulnerability in Jenkins Nexus Platform 3.18.003 Missing permission checks in Jenkins Nexus Platform Plugin 3.18.0-03 and earlier allow attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | 4.3 |
| 2023-12-13 | CVE-2023-50779 | Missing Authorization vulnerability in Jenkins Paaslane Estimate 1.0.4 Missing permission checks in Jenkins PaaSLane Estimate Plugin 1.0.4 and earlier allow attackers with Overall/Read permission to connect to an attacker-specified URL using an attacker-specified token. | 4.3 |