Vulnerabilities > Incorrect Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-09-03 | CVE-2019-14811 | Incorrect Authorization vulnerability in multiple products A flaw was found in, ghostscript versions prior to 9.50, in the .pdf_hook_DSC_Creator procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. | 7.8 |
| 2019-08-29 | CVE-2019-11247 | Incorrect Authorization vulnerability in multiple products The Kubernetes kube-apiserver mistakenly allows access to a cluster-scoped custom resource if the request is made as if the resource were namespaced. | 8.1 |
| 2019-08-23 | CVE-2019-8446 | Incorrect Authorization vulnerability in Atlassian Jira Server The /rest/issueNav/1/issueTable resource in Jira before version 8.3.2 allows remote attackers to enumerate usernames via an incorrect authorisation check. | 5.3 |
| 2019-08-14 | CVE-2019-1192 | Incorrect Authorization vulnerability in Microsoft Edge and Internet Explorer A security feature bypass vulnerability exists when Microsoft browsers improperly handle requests of different origins. | 4.3 |
| 2019-08-10 | CVE-2019-14924 | Incorrect Authorization vulnerability in Gcdwebserver Project Gcdwebserver An issue was discovered in GCDWebServer before 3.5.3. | 7.5 |
| 2019-08-09 | CVE-2018-20826 | Incorrect Authorization vulnerability in Atlassian Jira The inline-create rest resource in Jira before version 7.12.3 allows authenticated remote attackers to set the reporter in issues via a missing authorisation check. | 4.3 |
| 2019-08-07 | CVE-2019-1912 | Incorrect Authorization vulnerability in Cisco products A vulnerability in the web management interface of Cisco Small Business 220 Series Smart Switches could allow an unauthenticated, remote attacker to upload arbitrary files. | 9.1 |
| 2019-07-26 | CVE-2019-13386 | Incorrect Authorization vulnerability in Centos-Webpanel Centos web Panel 0.9.8.846 In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.846, a hidden action=9 feature in filemanager2.php allows attackers to execute a shell command, i.e., obtain a reverse shell with user privilege. | 8.8 |
| 2019-07-23 | CVE-2019-11724 | Incorrect Authorization vulnerability in multiple products Application permissions give additional remote troubleshooting permission to the site input.mozilla.org, which has been retired and now redirects to another site. | 6.1 |
| 2019-07-17 | CVE-2019-1010084 | Incorrect Authorization vulnerability in Dancer::Plugin::Simplecrud Project Dancer::Plugin::Simplecrud Dancer::Plugin::SimpleCRUD 1.14 and earlier is affected by: Incorrect Access Control. | 6.5 |