Vulnerabilities > Missing Authorization
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-10-30 | CVE-2023-21321 | Missing Authorization vulnerability in Google Android In Package Manager, there is a possible cross-user settings disclosure due to a missing permission check. | 5.5 |
2023-10-30 | CVE-2023-21328 | Missing Authorization vulnerability in Google Android In Package Installer, there is a possible way to determine whether an app is installed, without query permissions, due to a missing permission check. | 7.8 |
2023-10-30 | CVE-2023-21329 | Missing Authorization vulnerability in Google Android In Activity Manager, there is a possible way to determine whether an app is installed due to a missing permission check. | 5.5 |
2023-10-30 | CVE-2023-21340 | Missing Authorization vulnerability in Google Android In Telecomm, there is a possible way to get the call state due to a missing permission check. | 5.5 |
2023-10-30 | CVE-2023-21341 | Missing Authorization vulnerability in Google Android In Permission Manager, there is a possible way to bypass required permissions due to a missing permission check. | 7.8 |
2023-10-30 | CVE-2023-5251 | Missing Authorization vulnerability in G5Theme Grid Plus 1.3.2 The Grid Plus plugin for WordPress is vulnerable to unauthorized modification of data and loss of data due to a missing capability check on the 'grid_plus_save_layout_callback' and 'grid_plus_delete_callback' functions in versions up to, and including, 1.3.2. | 5.4 |
2023-10-26 | CVE-2023-30969 | Missing Authorization vulnerability in Palantir Tiles The Palantir Tiles1 service was found to be vulnerable to an API wide issue where the service was not performing authentication/authorization on all the endpoints. | 6.5 |
2023-10-25 | CVE-2023-37910 | Missing Authorization vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 8.1 |
2023-10-25 | CVE-2023-43488 | Missing Authorization vulnerability in Boschrexroth products The vulnerability allows a low privileged (untrusted) application to modify a critical system property that should be denied, in order to enable the ADB (Android Debug Bridge) protocol to be exposed on the network, exploiting it to gain a privileged shell on the device without requiring the physical access through USB. | 7.8 |
2023-10-25 | CVE-2023-46652 | Missing Authorization vulnerability in Jenkins Lambdatest-Automation A missing permission check in Jenkins lambdatest-automation Plugin 1.20.9 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of LAMBDATEST credentials stored in Jenkins. | 4.3 |