Vulnerabilities > Missing Authorization
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-10-10 | CVE-2022-2350 | Missing Authorization vulnerability in Brainvire Disable User Login 1.0.1 The Disable User Login WordPress plugin through 1.0.1 does not have authorisation and CSRF checks when updating its settings, allowing unauthenticated attackers to block (or unblock) users at will. | 5.3 |
2022-10-07 | CVE-2022-39289 | Missing Authorization vulnerability in Zoneminder ZoneMinder is a free, open source Closed-circuit television software application. | 7.5 |
2022-10-07 | CVE-2022-39861 | Missing Authorization vulnerability in Samsung Factorycamera 2.1.96 Unprotected Receiver in AtBroadcastReceiver in FactoryCamera prior to version 3.5.51 allows attackers to record video without camera privilege. | 3.3 |
2022-10-06 | CVE-2022-39222 | Missing Authorization vulnerability in Linuxfoundation DEX Dex is an identity service that uses OpenID Connect to drive authentication for other apps. | 6.5 |
2022-10-03 | CVE-2022-3124 | Missing Authorization vulnerability in Najeebmedia Frontend File Manager The Frontend File Manager Plugin WordPress plugin before 21.3 allows any unauthenticated user to rename uploaded files from users. | 5.3 |
2022-09-30 | CVE-2022-40316 | Missing Authorization vulnerability in multiple products The H5P activity attempts report did not filter by groups, which in separate groups mode could reveal information to non-editing teachers about attempts/users in groups they should not have access to. | 4.3 |
2022-09-29 | CVE-2022-36068 | Missing Authorization vulnerability in Discourse Discourse is an open source discussion platform. | 4.3 |
2022-09-29 | CVE-2020-15337 | Missing Authorization vulnerability in Zyxel Cloudcnm Secumanager 3.1.0/3.1.1 Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a "Use of GET Request Method With Sensitive Query Strings" issue for /registerCpe requests. | 5.3 |
2022-09-29 | CVE-2020-15338 | Missing Authorization vulnerability in Zyxel Cloudcnm Secumanager 3.1.0/3.1.1 Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a "Use of GET Request Method With Sensitive Query Strings" issue for /cnr requests. | 5.3 |
2022-09-26 | CVE-2021-28052 | Missing Authorization vulnerability in Hitach Vantara A tenant administrator Hitachi Content Platform (HCP) may modify the configuration in another tenant without authorization, potentially allowing unauthorized access to data in the other tenant. | 4.9 |