Vulnerabilities > Missing Authorization
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-02-07 | CVE-2022-21953 | Missing Authorization vulnerability in Suse Rancher A Missing Authorization vulnerability in of SUSE Rancher allows authenticated user to create an unauthorized shell pod and kubectl access in the local cluster This issue affects: SUSE Rancher Rancher versions prior to 2.5.17; Rancher versions prior to 2.6.10; Rancher versions prior to 2.7.1. | 8.8 |
2023-02-06 | CVE-2021-31576 | Missing Authorization vulnerability in Mediatek En7528 Firmware and En7580 Firmware In Boa, there is a possible information disclosure due to a missing permission check. | 7.5 |
2023-02-06 | CVE-2021-31577 | Missing Authorization vulnerability in Mediatek En7528 Firmware and En7580 Firmware In Boa, there is a possible escalation of privilege due to a missing permission check. | 9.8 |
2023-02-06 | CVE-2022-48166 | Missing Authorization vulnerability in Wavlink Wl-Wn530Hg4 Firmware M30Hg4.V5030.201217 An access control issue in Wavlink WL-WN530HG4 M30HG4.V5030.201217 allows unauthenticated attackers to download configuration data and log files and obtain admin credentials. | 7.5 |
2023-02-06 | CVE-2021-36225 | Missing Authorization vulnerability in Westerndigital MY Cloud OS Western Digital My Cloud devices before OS5 allow REST API access by low-privileged accounts, as demonstrated by API commands for firmware uploads and installation. | 8.8 |
2023-02-04 | CVE-2023-0678 | Missing Authorization vulnerability in PHPipam Missing Authorization in GitHub repository phpipam/phpipam prior to v1.5.1. | 5.3 |
2023-02-03 | CVE-2022-42909 | Missing Authorization vulnerability in Wepanow Print Away WEPA Print Away does not verify that a user has authorization to access documents before generating print orders and associated release codes. | 5.4 |
2023-01-30 | CVE-2022-4872 | Missing Authorization vulnerability in Chained products Project Chained products The Chained Products WordPress plugin before 2.12.0 does not have authorisation and CSRF checks, as well as does not ensure that the option to be updated belong to the plugin, allowing unauthenticated attackers to set arbitrary options to 'no' | 4.3 |
2023-01-28 | CVE-2023-22737 | Missing Authorization vulnerability in Wire wire-server provides back end services for Wire, a team communication and collaboration platform. | 6.5 |
2023-01-27 | CVE-2022-39811 | Missing Authorization vulnerability in Italtel Netmatch-S CI 5.2.020211008 Italtel NetMatch-S CI 5.2.0-20211008 has incorrect Access Control under NMSCI-WebGui/advancedsettings.jsp and NMSCIWebGui/SaveFileUploader. | 9.1 |