Vulnerabilities > Missing Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-01 | CVE-2021-4388 | Missing Authorization vulnerability in Wpopal Opal Estate 1.6.11 The Opal Estate plugin for WordPress is vulnerable to featured property modifications in versions up to, and including, 1.6.11. | 5.3 |
| 2023-07-01 | CVE-2023-30586 | Missing Authorization vulnerability in Nodejs Node.Js A privilege escalation vulnerability exists in Node.js 20 that allowed loading arbitrary OpenSSL engines when the experimental permission model is enabled, which can bypass and/or disable the permission model. | 7.5 |
| 2023-06-30 | CVE-2023-36144 | Missing Authorization vulnerability in Intelbras SG 2404 MR Firmware 1.00.54 An authentication bypass in Intelbras Switch SG 2404 MR in firmware 1.00.54 allows an unauthenticated attacker to download the backup file of the device, exposing critical information about the device configuration. | 7.5 |
| 2023-06-28 | CVE-2023-21149 | Missing Authorization vulnerability in Google Android In registerGsmaServiceIntentReceiver of ShannonRcsService.java, there is a possible way to activate/deactivate RCS service due to a missing permission check. | 7.8 |
| 2023-06-28 | CVE-2023-21173 | Missing Authorization vulnerability in Google Android 13.0 In multiple methods of DataUsageList.java, there is a possible way to learn about admin user's network activities due to a missing permission check. | 5.5 |
| 2023-06-28 | CVE-2023-21177 | Missing Authorization vulnerability in Google Android 13.0 In requestAppKeyboardShortcuts of WindowManagerService.java, there is a possible way to infer the app a user is interacting with due to a missing permission check. | 5.5 |
| 2023-06-28 | CVE-2023-21185 | Missing Authorization vulnerability in Google Android 13.0 In multiple functions of WifiNetworkFactory.java, there is a missing permission check. | 7.8 |
| 2023-06-27 | CVE-2023-35998 | Missing Authorization vulnerability in Proofpoint Insider Threat Management Server A missing authorization check in multiple SOAP endpoints of the Insider Threat Management Server enables an attacker on an adjacent network to read and write unauthorized objects. | 4.6 |
| 2023-06-27 | CVE-2023-36000 | Missing Authorization vulnerability in Proofpoint Insider Threat Management Server A missing authorization check in the MacOS agent configuration endpoint of the Insider Threat Management Server enables an anonymous attacker on an adjacent network to obtain sensitive information. | 6.5 |
| 2023-06-27 | CVE-2023-36002 | Missing Authorization vulnerability in Proofpoint Insider Threat Management Server A missing authorization check in multiple URL validation endpoints of the Insider Threat Management Server enables an anonymous attacker on an adjacent network to smuggle content via DNS lookups. | 4.3 |