Vulnerabilities > Missing Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-11 | CVE-2023-33992 | Missing Authorization vulnerability in SAP Business Warehouse and Bw/4Hana The SAP BW BICS communication layer in SAP Business Warehouse and SAP BW/4HANA - version SAP_BW 730, SAP_BW 731, SAP_BW 740, SAP_BW 730, SAP_BW 750, DW4CORE 100, DW4CORE 200, DW4CORE 300, may expose unauthorized cell values to the data response. | 6.5 |
| 2023-07-10 | CVE-2023-2796 | Missing Authorization vulnerability in Myeventon Eventon The EventON WordPress plugin before 2.1.2 lacks authentication and authorization in its eventon_ics_download ajax action, allowing unauthenticated visitors to access private and password protected Events by guessing their numeric id. | 5.3 |
| 2023-07-10 | CVE-2023-3076 | Missing Authorization vulnerability in Inspireui Mstore API The MStore API WordPress plugin before 3.9.9 does not prevent visitors from creating user accounts with the role of their choice via their wholesale REST API endpoint. | 9.8 |
| 2023-07-06 | CVE-2023-20899 | Missing Authorization vulnerability in VMWare Sd-Wan Edge Firmware VMware SD-WAN (Edge) contains a bypass authentication vulnerability. | 7.5 |
| 2023-07-06 | CVE-2023-30195 | Missing Authorization vulnerability in Lineagrafica Lgdetailedorder In the module "Detailed Order" (lgdetailedorder) in version up to 1.1.20 from Linea Grafica for PrestaShop, a guest can download personal informations without restriction formatted in json. | 7.5 |
| 2023-07-06 | CVE-2023-35937 | Missing Authorization vulnerability in Metersphere Metersphere is an open source continuous testing platform. | 8.8 |
| 2023-07-05 | CVE-2023-35940 | Missing Authorization vulnerability in Glpi-Project Glpi GLPI is a free asset and IT management software package. | 7.5 |
| 2023-07-05 | CVE-2023-36624 | Missing Authorization vulnerability in Loxone Miniserver GO GEN 2 Firmware Loxone Miniserver Go Gen.2 through 14.0.3.28 allows an authenticated operating system user to escalate privileges via the Sudo configuration. | 7.8 |
| 2023-07-05 | CVE-2023-3482 | Missing Authorization vulnerability in Mozilla Firefox When Firefox is configured to block storage of all cookies, it was still possible to store data in localstorage by using an iframe with a source of 'about:blank'. | 6.5 |
| 2023-07-04 | CVE-2023-20772 | Missing Authorization vulnerability in Google Android 12.0/13.0 In vow, there is a possible escalation of privilege due to a missing permission check. | 6.7 |