Vulnerabilities > Incorrect Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-31 | CVE-2010-2548 | Incorrect Authorization vulnerability in Redhat Icedtea6 1.7 IcedTea6 before 1.7.4 does not properly check property access, which allows unsigned apps to read and write arbitrary files. | 6.4 |
| 2019-10-31 | CVE-2018-21030 | Incorrect Authorization vulnerability in Jupyter Notebook Jupyter Notebook before 5.5.0 does not use a CSP header to treat served files as belonging to a separate origin. | 5.0 |
| 2019-10-29 | CVE-2019-5533 | Incorrect Authorization vulnerability in VMWare Sd-Wan BY Velocloud In VMware SD-WAN by VeloCloud versions 3.x prior to 3.3.0, the VeloCloud Orchestrator parameter authorization check mistakenly allows enterprise users to obtain information of Managed Service Provider accounts. | 4.0 |
| 2019-10-29 | CVE-2009-3723 | Incorrect Authorization vulnerability in multiple products asterisk allows calls on prohibited networks | 5.0 |
| 2019-10-29 | CVE-2019-4311 | Incorrect Authorization vulnerability in IBM Security Guardium BIG Data Intelligence 4.0 IBM Security Guardium Big Data Intelligence (SonarG) 4.0 discloses sensitive information to unauthorized users. | 5.3 |
| 2019-10-23 | CVE-2019-6144 | Incorrect Authorization vulnerability in Forcepoint ONE Endpoint 19.04/19.08 This vulnerability allows a normal (non-admin) user to disable the Forcepoint One Endpoint (versions 19.04 through 19.08) and bypass DLP and Web protection. | 4.0 |
| 2019-10-15 | CVE-2019-14832 | Incorrect Authorization vulnerability in Redhat Keycloak A flaw was found in the Keycloak REST API before version 8.0.0 where it would permit user access from a realm the user was not configured. | 6.0 |
| 2019-09-27 | CVE-2019-9364 | Incorrect Authorization vulnerability in Google Android 10.0 In AudioService, there is a possible trigger of background user audio due to a permissions bypass. | 2.1 |
| 2019-09-27 | CVE-2019-9272 | Incorrect Authorization vulnerability in Google Android 10.0 In WiFi, there is a possible leak of WiFi state due to a permissions bypass. | 2.1 |
| 2019-09-25 | CVE-2019-12671 | Incorrect Authorization vulnerability in Cisco IOS XE 16.11.1 A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker to gain shell access on an affected device and execute commands on the underlying operating system (OS). | 7.8 |