Vulnerabilities > Improper Authorization
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-06-02 | CVE-2022-29236 | Improper Authorization vulnerability in Bigbluebutton BigBlueButton is an open source web conferencing system. | 4.3 |
2022-03-11 | CVE-2022-0860 | Improper Authorization vulnerability in multiple products Improper Authorization in GitHub repository cobbler/cobbler prior to 3.3.2. | 9.1 |
2022-03-02 | CVE-2022-0829 | Improper Authorization vulnerability in Webmin Improper Authorization in GitHub repository webmin/webmin prior to 1.990. | 5.5 |
2022-02-15 | CVE-2022-0587 | Improper Authorization vulnerability in Librenms Improper Authorization in Packagist librenms/librenms prior to 22.2.0. | 4.0 |
2021-11-19 | CVE-2021-42338 | Improper Authorization vulnerability in 4Mosan GCB Doctor 20210811/20210916 4MOSAn GCB Doctor’s login page has improper validation of Cookie, which allows an unauthenticated remote attacker to bypass authentication by code injection in cookie, and arbitrarily manipulate the system or interrupt services by upload and execution of arbitrary files. | 10.0 |
2021-07-12 | CVE-2021-32688 | Improper Authorization vulnerability in multiple products Nextcloud Server is a Nextcloud package that handles data storage. | 8.8 |
2021-03-19 | CVE-2019-14828 | Improper Authorization vulnerability in Moodle A vulnerability was found in Moodle affecting 3.7 to 3.7.1, 3.6 to 3.6.5, 3.5 to 3.5.7 and earlier unsupported versions, where users with the capability to create courses were assigned as a teacher in those courses, regardless of whether they had the capability to be automatically assigned that role. | 4.0 |
2020-11-05 | CVE-2020-24431 | Improper Authorization vulnerability in Adobe products Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) for macOS are affected by a security feature bypass that could result in dynamic library code injection by the Adobe Reader process. | 5.8 |
2020-09-09 | CVE-2020-6311 | Improper Authorization vulnerability in SAP products Banking services from SAP 9.0 (Bank Analyzer), version - 500, and SAP S/4HANA for financial products subledger, version ? 100, does not correctly perform necessary authorization checks for an authenticated user due to Improper Authorization checks, that may cause a system administrator to create incorrect authorization proposals. | 6.5 |
2019-09-05 | CVE-2019-12635 | Improper Authorization vulnerability in Cisco Content Security Management Appliance A vulnerability in the authorization module of Cisco Content Security Management Appliance (SMA) Software could allow an authenticated, remote attacker to gain out-of-scope access to email. | 4.0 |