Vulnerabilities > Incorrect Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-12-31 | CVE-2019-12837 | Incorrect Authorization vulnerability in Gencat Portal D'Acces a LA Universitat 1.7.5 The Java API in accesuniversitat.gencat.cat 1.7.5 allows remote attackers to get personal information of all registered students via several API endpoints. | 4.3 |
| 2019-12-30 | CVE-2018-20498 | Incorrect Authorization vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. | 4.3 |
| 2019-12-30 | CVE-2018-20494 | Incorrect Authorization vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. | 7.5 |
| 2019-12-30 | CVE-2018-20493 | Incorrect Authorization vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. | 4.3 |
| 2019-12-30 | CVE-2019-4343 | Incorrect Authorization vulnerability in multiple products IBM Cognos Analytics 11.0 and 11.1 allows overly permissive cross-origin resource sharing which could allow an attacker to transfer private information. | 6.5 |
| 2019-12-27 | CVE-2013-4985 | Incorrect Authorization vulnerability in Vivotek Ip7160 Firmware, Ip7361 Firmware and Ip8332 Firmware Multiple Vivotek IP Cameras remote authentication bypass that could allow access to the video stream | 7.5 |
| 2019-12-26 | CVE-2018-20492 | Incorrect Authorization vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. | 5.3 |
| 2019-12-26 | CVE-2019-19681 | Incorrect Authorization vulnerability in Artica Pandora FMS 7.0 Pandora FMS 7.x suffers from remote code execution vulnerability. | 8.8 |
| 2019-12-26 | CVE-2019-19984 | Incorrect Authorization vulnerability in Icegram Email Subscribers & Newsletters The WordPress plugin, Email Subscribers & Newsletters, before 4.2.3 had a flaw that allowed users with edit_post capabilities to manage plugin settings and email campaigns. | 6.3 |
| 2019-12-24 | CVE-2017-16778 | Incorrect Authorization vulnerability in Fermax Outdoor Panel Firmware An access control weakness in the DTMF tone receiver of Fermax Outdoor Panel allows physical attackers to inject a Dual-Tone-Multi-Frequency (DTMF) tone to invoke an access grant that would allow physical access to a restricted floor/level. | 4.6 |