Vulnerabilities > Incorrect Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-09-11 | CVE-2019-1289 | Incorrect Authorization vulnerability in Microsoft products An elevation of privilege vulnerability exists when the Windows Update Delivery Optimization does not properly enforce file share permissions, aka 'Windows Update Delivery Optimization Elevation of Privilege Vulnerability'. | 5.5 |
| 2019-09-09 | CVE-2019-16114 | Incorrect Authorization vulnerability in Atutor In ATutor 2.2.4, an unauthenticated attacker can change the application settings and force it to use his crafted database, which allows him to gain access to the application. | 9.8 |
| 2019-09-06 | CVE-2019-14813 | Incorrect Authorization vulnerability in multiple products A flaw was found in ghostscript, versions 9.x before 9.50, in the setsystemparams procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. | 9.8 |
| 2019-09-05 | CVE-2019-2175 | Incorrect Authorization vulnerability in Google Android 9.0 In checkAccess of SliceManagerService.java in Android 9, there is a possible permissions check bypass due to incorrect order of arguments. | 7.8 |
| 2019-09-03 | CVE-2019-14817 | Incorrect Authorization vulnerability in multiple products A flaw was found in, ghostscript versions prior to 9.50, in the .pdfexectoken and other procedures where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. | 7.8 |
| 2019-09-03 | CVE-2019-14811 | Incorrect Authorization vulnerability in multiple products A flaw was found in, ghostscript versions prior to 9.50, in the .pdf_hook_DSC_Creator procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. | 7.8 |
| 2019-08-29 | CVE-2019-11247 | Incorrect Authorization vulnerability in multiple products The Kubernetes kube-apiserver mistakenly allows access to a cluster-scoped custom resource if the request is made as if the resource were namespaced. | 8.1 |
| 2019-08-23 | CVE-2019-8446 | Incorrect Authorization vulnerability in Atlassian Jira Server The /rest/issueNav/1/issueTable resource in Jira before version 8.3.2 allows remote attackers to enumerate usernames via an incorrect authorisation check. | 5.3 |
| 2019-08-10 | CVE-2019-14924 | Incorrect Authorization vulnerability in Gcdwebserver Project Gcdwebserver An issue was discovered in GCDWebServer before 3.5.3. | 7.5 |
| 2019-08-09 | CVE-2018-20826 | Incorrect Authorization vulnerability in Atlassian Jira The inline-create rest resource in Jira before version 7.12.3 allows authenticated remote attackers to set the reporter in issues via a missing authorisation check. | 4.3 |