Vulnerabilities > Missing Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-27 | CVE-2023-36000 | Missing Authorization vulnerability in Proofpoint Insider Threat Management Server A missing authorization check in the MacOS agent configuration endpoint of the Insider Threat Management Server enables an anonymous attacker on an adjacent network to obtain sensitive information. | 6.5 |
| 2023-06-27 | CVE-2023-36002 | Missing Authorization vulnerability in Proofpoint Insider Threat Management Server A missing authorization check in multiple URL validation endpoints of the Insider Threat Management Server enables an anonymous attacker on an adjacent network to smuggle content via DNS lookups. | 4.3 |
| 2023-06-27 | CVE-2023-22834 | Missing Authorization vulnerability in Palantir Contour The Contour Service was not checking that users had permission to create an analysis for a given dataset. | 4.3 |
| 2023-06-26 | CVE-2023-35164 | Missing Authorization vulnerability in Dataease DataEase is an open source data visualization analysis tool to analyze data and gain insight into business trends. | 6.5 |
| 2023-06-26 | CVE-2023-34463 | Missing Authorization vulnerability in Dataease DataEase is an open source data visualization analysis tool to analyze data and gain insight into business trends. | 8.1 |
| 2023-06-23 | CVE-2023-36348 | Missing Authorization vulnerability in Codekop 2.0 POS Codekop v2.0 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the filename parameter. | 8.8 |
| 2023-06-22 | CVE-2023-35093 | Missing Authorization vulnerability in Stylemixthemes Masterstudy LMS Broken Access Control vulnerability in StylemixThemes MasterStudy LMS WordPress Plugin – for Online Courses and Education plugin <= 3.0.8 versions allows any logged-in users, such as subscribers to view the "Orders" of the plugin and get the data related to the order like email, username, and more. | 6.5 |
| 2023-06-19 | CVE-2023-3315 | Missing Authorization vulnerability in Jenkins Team Concert Missing permission checks in Jenkins Team Concert Plugin 2.4.1 and earlier allow attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system. | 4.3 |
| 2023-06-19 | CVE-2022-48491 | Missing Authorization vulnerability in Huawei Emui Vulnerability of missing authentication on certain HUAWEI phones.Successful exploitation of this vulnerability can lead to ads and other windows to display at any time. | 5.3 |
| 2023-06-19 | CVE-2022-46850 | Missing Authorization vulnerability in Easy Media Replace Project Easy Media Replace Auth. | 8.1 |