Vulnerabilities > Incorrect Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-12-11 | CVE-2018-2494 | Incorrect Authorization vulnerability in SAP Business Application Software Integrated Solution Necessary authorization checks for an authenticated user, resulting in escalation of privileges, have been fixed in SAP Basis AS ABAP of SAP NetWeaver 700 to 750, from 750 onwards delivered as ABAP Platform. | 8.0 |
| 2018-12-07 | CVE-2018-7079 | Incorrect Authorization vulnerability in Arubanetworks Clearpass Policy Manager Aruba ClearPass Policy Manager guest authorization failure. | 7.2 |
| 2018-11-30 | CVE-2018-15767 | Incorrect Authorization vulnerability in Dell Openmanage Network Manager 6.5.0/6.5.2 The Dell OpenManage Network Manager virtual appliance versions prior to 6.5.3 contain an improper authorization vulnerability caused by a misconfiguration in the /etc/sudoers file. | 8.8 |
| 2018-11-28 | CVE-2018-14748 | Incorrect Authorization vulnerability in Qnap QTS Improper Authorization vulnerability in QTS 4.3.5 build 20181013, QTS 4.3.4 build 20181008, QTS 4.3.3 build 20180829, QTS 4.2.6 build 20180829 and earlier versions could allow remote attackers to power off the NAS. | 7.5 |
| 2018-11-27 | CVE-2018-7988 | Incorrect Authorization vulnerability in Huawei Mate 9 PRO Firmware and Nova 2 Plus Firmware There is a Factory Reset Protection (FRP) bypass vulnerability on several smartphones. | 4.6 |
| 2018-11-27 | CVE-2018-13356 | Incorrect Authorization vulnerability in Terra-Master Terramaster Operating System 3.1.03 Incorrect access control on ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to elevate user permissions. | 8.8 |
| 2018-11-26 | CVE-2018-13324 | Incorrect Authorization vulnerability in Buffalo Ts5600D1206 Firmware 3.610.10 Incorrect access control in nasapi in Buffalo TS5600D1206 version 3.61-0.10 allows attackers to bypass authentication by sending a modified HTTP Host header. | 9.8 |
| 2018-11-16 | CVE-2018-18955 | Incorrect Authorization vulnerability in multiple products In the Linux kernel 4.15.x through 4.19.x before 4.19.2, map_write() in kernel/user_namespace.c allows privilege escalation because it mishandles nested user namespaces with more than 5 UID or GID ranges. | 7.0 |
| 2018-11-16 | CVE-2018-15693 | Incorrect Authorization vulnerability in Inova-Software Inova Partner 5.0.5 Inova Partner 5.0.5-RELEASE, Build 0510-0906 and earlier allows authenticated users authorization bypass via insecure direct object reference. | 6.4 |
| 2018-11-16 | CVE-2018-15692 | Incorrect Authorization vulnerability in Inova-Software Inova Partner 5.0.5 Inova Partner 5.0.5-RELEASE, Build 0510-0906 and earlier allows authenticated users authorization bypass and data manipulation in certain functions. | 6.4 |