Vulnerabilities > Incorrect Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-01 | CVE-2021-28504 | Incorrect Authorization vulnerability in Arista EOS On Arista Strata family products which have “TCAM profile” feature enabled when Port IPv4 access-list has a rule which matches on “vxlan” as protocol then that rule and subsequent rules ( rules declared after it in ACL ) do not match on IP protocol field as expected. | 7.5 |
| 2022-04-01 | CVE-2021-32960 | Incorrect Authorization vulnerability in Rockwellautomation Factorytalk Services Platform Rockwell Automation FactoryTalk Services Platform v6.11 and earlier, if FactoryTalk Security is enabled and deployed contains a vulnerability that may allow a remote, authenticated attacker to bypass FactoryTalk Security policies based on the computer name. | 8.8 |
| 2022-03-31 | CVE-2021-37517 | Incorrect Authorization vulnerability in Dolibarr Erp/Crm 13.0.2 An Access Control vulnerability exists in Dolibarr ERP/CRM 13.0.2, fixed version is 14.0.0,in the forgot-password function becuase the application allows email addresses as usernames, which can cause a Denial of Service. | 7.5 |
| 2022-03-30 | CVE-2021-39789 | Incorrect Authorization vulnerability in Google Android 12.1 In Telecom, there is a possible leak of TTY mode change due to a missing permission check. | 7.8 |
| 2022-03-30 | CVE-2021-39790 | Incorrect Authorization vulnerability in Google Android 12.1 In Dialer, there is a possible way to manipulate visual voicemail settings due to a missing permission check. | 7.8 |
| 2022-03-30 | CVE-2021-3456 | Incorrect Authorization vulnerability in Theforeman Smart Proxy Salt An improper authorization handling flaw was found in Foreman. | 7.1 |
| 2022-03-30 | CVE-2022-1177 | Incorrect Authorization vulnerability in Open-Emr Openemr Accounting User Can Download Patient Reports in openemr in GitHub repository openemr/openemr prior to 6.1.0. | 4.3 |
| 2022-03-30 | CVE-2020-24771 | Incorrect Authorization vulnerability in Nexusphp 1.5 Incorrect access control in NexusPHP 1.5.beta5.20120707 allows unauthorized attackers to access published content. | 7.5 |
| 2022-03-28 | CVE-2021-39876 | Incorrect Authorization vulnerability in Gitlab In all versions of GitLab CE/EE since version 11.3, the endpoint for auto-completing Assignee discloses the members of private groups. | 4.3 |
| 2022-03-25 | CVE-2022-24783 | Incorrect Authorization vulnerability in Deno Deno is a runtime for JavaScript and TypeScript. | 10.0 |