Vulnerabilities > Incorrect Authorization
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-08-19 | CVE-2021-37598 | Incorrect Authorization vulnerability in Wpcerber WP Cerber. WP Cerber before 8.9.3 allows bypass of /wp-json access control via a trailing ? character. | 5.3 |
2021-08-19 | CVE-2021-39138 | Incorrect Authorization vulnerability in Parseplatform Parse-Server. Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. | 6.5 |
2021-08-17 | CVE-2021-0645 | Incorrect Authorization vulnerability in Google Android 11.0. In shouldBlockFromTree of ExternalStorageProvider.java, there is a possible permissions bypass. | 7.8 |
2021-08-17 | CVE-2021-32829 | Incorrect Authorization vulnerability in Zstack Rest API. ZStack is open source IaaS (infrastructure as a service) software aiming to automate datacenters, managing resources of compute, storage, and networking all by APIs. | 9.9 |
2021-08-16 | CVE-2020-18701 | Incorrect Authorization vulnerability in Talelin Lin-Cms-Flask 0.1.1. Incorrect Access Control in Lin-CMS-Flask v0.1.1 allows remote attackers to obtain sensitive information and/or gain privileges due to the application not invalidating a user's authentication token upon logout, which allows for replaying packets. | 9.8 |
2021-08-13 | CVE-2021-37705 | Incorrect Authorization vulnerability in Microsoft Onefuzz. OneFuzz is an open source self-hosted Fuzzing-As-A-Service platform. | 10.0 |
2021-08-12 | CVE-2021-27793 | Incorrect Authorization vulnerability in Broadcom Fabric Operating System. Intermittent authorization failure in aaa tacacs+ with Brocade Fabric OS versions before Brocade Fabric OS v9.0.1b and after 9.0.0, also in Brocade Fabric OS before Brocade Fabric OS v8.2.3a and after v8.2.0 could cause a user with a valid account to be unable to log into the switch. | 5.3 |
2021-08-11 | CVE-2020-25564 | Incorrect Authorization vulnerability in Sapphireims 5.0. In SapphireIMS 5.0, it is possible to create local administrator on any client with credentials of a non-privileged user by directly accessing RemoteMgmtTaskSave (Automation Tasks) feature. | 8.8 |
2021-08-10 | CVE-2020-28397 | Incorrect Authorization vulnerability in Siemens products. A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. | 5.3 |
2021-08-09 | CVE-2021-25954 | Incorrect Authorization vulnerability in Dolibarr. In “Dolibarr” application, 2.8.1 to 13.0.4 don’t restrict or incorrectly restrict access to a resource from an unauthorized actor. | 4.3 |