Vulnerabilities > Incorrect Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-20 | CVE-2021-41082 | Incorrect Authorization vulnerability in Discourse Discourse is a platform for community discussion. | 7.5 |
| 2021-09-20 | CVE-2020-16630 | Incorrect Authorization vulnerability in TI products TI’s BLE stack caches and reuses the LTK’s property for a bonded mobile. | 6.8 |
| 2021-09-20 | CVE-2019-16651 | Incorrect Authorization vulnerability in Virginmedia Super HUB 3 Firmware An issue was discovered on Virgin Media Super Hub 3 (based on ARRIS TG2492) devices. | 5.3 |
| 2021-09-15 | CVE-2021-40639 | Incorrect Authorization vulnerability in Jflyfox Jfinal CMS 5.1.0 Improper access control in Jfinal CMS 5.1.0 allows attackers to access sensitive information via /classes/conf/db.properties&config=filemanager.config.js. | 7.5 |
| 2021-09-15 | CVE-2020-21124 | Incorrect Authorization vulnerability in Ureport Project Ureport 2.2.9 UReport 2.2.9 allows attackers to execute arbitrary code due to a lack of access control to the designer page. | 9.8 |
| 2021-09-09 | CVE-2021-28911 | Incorrect Authorization vulnerability in Bab-Technologie Eibport Firmware 3.8.2/3.8.3 BAB TECHNOLOGIE GmbH eibPort V3 prior version 3.9.1 allow unauthenticated attackers access to /tmp path which contains some sensitive data (e.g. | 9.8 |
| 2021-09-09 | CVE-2021-22239 | Incorrect Authorization vulnerability in Gitlab An unauthorized user was able to insert metadata when creating new issue on GitLab CE/EE 14.0 and later. | 4.3 |
| 2021-09-08 | CVE-2021-28567 | Incorrect Authorization vulnerability in Magento Magento versions 2.4.2 (and earlier), 2.4.1-p1 (and earlier) and 2.3.6-p1 (and earlier) are vulnerable to an Improper Authorization vulnerability in the customers module. | 6.5 |
| 2021-09-08 | CVE-2021-35526 | Incorrect Authorization vulnerability in Hitachiabb-Powergrids Sdm600 Firmware Backup file without encryption vulnerability is found in Hitachi ABB Power Grids System Data Manager – SDM600 allows attacker to gain access to sensitive information. | 7.8 |
| 2021-09-08 | CVE-2021-1854 | Incorrect Authorization vulnerability in Apple Iphone OS A call termination issue with was addressed with improved logic. | 4.3 |