Vulnerabilities > Incorrect Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-09 | CVE-2020-2135 | Incorrect Authorization vulnerability in Jenkins Script Security Sandbox protection in Jenkins Script Security Plugin 1.70 and earlier could be circumvented through crafted method calls on objects that implement GroovyInterceptable. | 8.8 |
| 2020-03-09 | CVE-2020-2134 | Incorrect Authorization vulnerability in Jenkins Script Security Sandbox protection in Jenkins Script Security Plugin 1.70 and earlier could be circumvented through crafted constructor calls and crafted constructor bodies. | 8.8 |
| 2020-03-04 | CVE-2020-8664 | Incorrect Authorization vulnerability in Cncf Envoy 1.13.0 CNCF Envoy through 1.13.0 has incorrect Access Control when using SDS with Combined Validation Context. | 5.0 |
| 2020-03-04 | CVE-2020-5251 | Incorrect Authorization vulnerability in Parseplatform Parse-Server In parser-server before version 4.1.0, you can fetch all the users objects, by using regex in the NoSQL query. | 5.0 |
| 2020-02-28 | CVE-2020-9399 | Incorrect Authorization vulnerability in Avast products The Avast AV parsing engine allows virus-detection bypass via a crafted ZIP archive. | 4.3 |
| 2020-02-27 | CVE-2020-3873 | Incorrect Authorization vulnerability in Apple Ipados and Iphone OS This issue was addressed with improved setting propagation. | 2.1 |
| 2020-02-27 | CVE-2020-3866 | Incorrect Authorization vulnerability in Apple mac OS X This was addressed with additional checks by Gatekeeper on files mounted through a network share. | 4.3 |
| 2020-02-27 | CVE-2020-3844 | Incorrect Authorization vulnerability in Apple Ipados and Iphone OS This issue was addressed with improved checks. | 2.1 |
| 2020-02-27 | CVE-2020-3923 | Incorrect Authorization vulnerability in Tonnet products DVR firmware in TAT-76 and TAT-77 series of products, provided by TONNET, contain misconfigured authentication mechanism. | 10.0 |
| 2020-02-25 | CVE-2020-9379 | Incorrect Authorization vulnerability in Mitel Micontact Center Business 8.0/9.0.0.0/9.0.1.0 The Software Development Kit of the MiContact Center Business with Site Based Security 8.0 through 9.0.1.0 before KB496276 allows an authenticated user to access sensitive information. | 4.0 |