Vulnerabilities > Missing Authorization

DATE	CVE	VULNERABILITY TITLE	RISK
2022-12-06	CVE-2022-42782	Missing Authorization vulnerability in Google Android 10.0/11.0/12.0 In wlan driver, there is a possible missing permission check, This could lead to local information disclosure. local low complexity google CWE-862	5.5
2022-12-06	CVE-2022-44009	Missing Authorization vulnerability in Stackstorm 3.7.0 Improper access control in Key-Value RBAC in StackStorm version 3.7.0 didn't check the permissions in Jinja filters, allowing attackers to access K/V pairs of other users, potentially leading to the exposure of sensitive Information. network low complexity stackstorm CWE-862	7.5
2022-12-05	CVE-2022-41807	Missing Authorization vulnerability in Kyocera products Missing authorization vulnerability exists in Kyocera Document Solutions MFPs and printers, which may allow a network-adjacent attacker to alter the product settings without authentication by sending a specially crafted request. low complexity kyocera CWE-862	6.5
2022-11-29	CVE-2022-32966	Missing Authorization vulnerability in Realtek Rtl8111Fp-Cg Firmware 3.0.0.2019090/5.0.10/5.0.23 RTL8168FP-CG Dash remote management function has missing authorization. low complexity realtek CWE-862	6.5
2022-11-28	CVE-2022-24190	Missing Authorization vulnerability in Sz-Fujia Ourphoto 1.4.1 The /device/acceptBind end-point for Ourphoto App version 1.4.1 does not require authentication or authorization. network low complexity sz-fujia CWE-862	7.5
2022-11-28	CVE-2022-4169	Missing Authorization vulnerability in Theme and Plugin Translation for Polylang Project Theme and Plugin Translation for Polylang The Theme and plugin translation for Polylang is vulnerable to authorization bypass in versions up to, and including, 3.2.16 due to missing capability checks in the process_polylang_theme_translation_wp_loaded() function. network low complexity theme-and-plugin-translation-for-polylang-project CWE-862	5.3
2022-11-23	CVE-2022-41929	Missing Authorization vulnerability in Xwiki org.xwiki.platform:xwiki-platform-oldcore is missing authorization in User#setDisabledStatus, which may allow an incorrectly authorized user with only Script rights to enable or disable a user. network low complexity xwiki CWE-862	4.9
2022-11-23	CVE-2022-41930	Missing Authorization vulnerability in Xwiki org.xwiki.platform:xwiki-platform-user-profile-ui is missing authorization to enable or disable users. network low complexity xwiki CWE-862	8.2
2022-11-22	CVE-2022-41937	Missing Authorization vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. network low complexity xwiki CWE-862	8.1
2022-11-18	CVE-2022-43482	Missing Authorization vulnerability in Codepeople Appointment Booking Calendar Missing Authorization vulnerability in Appointment Booking Calendar plugin <= 1.3.69 on WordPress. network low complexity codepeople CWE-862	8.8

Vulnerabilities > Missing Authorization {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Missing Authorization"}]}

Vulnerabilities > Missing Authorization