Vulnerabilities > Incorrect Authorization
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-11-30 | CVE-2021-4026 | Incorrect Authorization vulnerability in Bookstackapp Bookstack bookstack is vulnerable to Improper Access Control | 4.0 |
2021-11-29 | CVE-2021-24842 | Incorrect Authorization vulnerability in Bulk Datetime Change Project Bulk Datetime Change The Bulk Datetime Change WordPress plugin before 1.12 does not enforce capability checks which allows users with Contributor roles to 1) list private post titles of other users and 2) change the posted date of other users' posts. | 5.4 |
2021-11-19 | CVE-2021-22966 | Incorrect Authorization vulnerability in Concretecms Concrete CMS Privilege escalation from Editor to Admin using Groups in Concrete CMS versions 8.5.6 and below. | 6.5 |
2021-11-19 | CVE-2021-39234 | Incorrect Authorization vulnerability in Apache Ozone In Apache Ozone versions prior to 1.2.0, Authenticated users knowing the ID of an existing block can craft specific request allowing access those blocks, bypassing other security checks like ACL. | 4.9 |
2021-11-17 | CVE-2021-33058 | Incorrect Authorization vulnerability in Intel Administrative Tools for Intel Network Adapters 1.4.0.15 Improper access control in the installer Intel(R)Administrative Tools for Intel(R) Network Adaptersfor Windowsbefore version 1.4.0.21 may allow an unauthenticated user to potentially enable escalation of privilege via local access. | 4.6 |
2021-11-17 | CVE-2021-33118 | Incorrect Authorization vulnerability in Intel Serial IO Driver for Intel NUC 11 GEN Improper access control in the software installer for the Intel(R) Serial IO driver for Intel(R) NUC 11 Gen before version 30.100.2104.1 may allow an authenticated user to potentially enable escalation of privilege via local access. | 4.6 |
2021-11-17 | CVE-2021-43553 | Incorrect Authorization vulnerability in Osisoft PI Vision 2017/2019 PI Vision could disclose information to a user with insufficient privileges for an AF attribute that is the child of another attribute and is configured as a Limits property. | 4.0 |
2021-11-15 | CVE-2021-41244 | Incorrect Authorization vulnerability in Grafana Grafana is an open-source platform for monitoring and observability. | 6.5 |
2021-11-12 | CVE-2021-36305 | Incorrect Authorization vulnerability in Dell EMC Powerscale Onefs Dell PowerScale OneFS contains an Unsynchronized Access to Shared Data in a Multithreaded Context in SMB CA handling. | 4.0 |
2021-11-12 | CVE-2021-3577 | Incorrect Authorization vulnerability in Binatoneglobal products An unauthenticated remote code execution vulnerability was reported in some Motorola-branded Binatone Hubble Cameras that could allow an attacker on the same network unauthorized access to the device. | 5.8 |