Vulnerabilities > Incorrect Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-10 | CVE-2020-28397 | Incorrect Authorization vulnerability in Siemens products A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. | 5.3 |
| 2021-08-09 | CVE-2021-25954 | Incorrect Authorization vulnerability in Dolibarr In “Dolibarr” application, 2.8.1 to 13.0.4 don’t restrict or incorrectly restricts access to a resource from an unauthorized actor. | 4.3 |
| 2021-08-06 | CVE-2021-38137 | Incorrect Authorization vulnerability in Corero Securewatch Managed Services 9.7.2.0020 Corero SecureWatch Managed Services 9.7.2.0020 does not correctly check swa-monitor and cns-monitor user’s privileges, allowing a user to perform actions not belonging to his role. | 8.1 |
| 2021-08-05 | CVE-2021-22240 | Incorrect Authorization vulnerability in Gitlab Improper access control in GitLab EE versions 13.11.6, 13.12.6, and 14.0.2 allows users to be created via single sign on despite user cap being enabled | 4.3 |
| 2021-08-03 | CVE-2020-19301 | Incorrect Authorization vulnerability in Vaethink 1.0.1 A vulnerability in the vae_admin_rule database table of vaeThink v1.0.1 allows attackers to execute arbitrary code via a crafted payload in the condition parameter. | 9.8 |
| 2021-08-03 | CVE-2021-33335 | Incorrect Authorization vulnerability in Liferay DXP and Liferay Portal Privilege escalation vulnerability in Liferay Portal 7.0.3 through 7.3.4, and Liferay DXP 7.1 before fix pack 20, and 7.2 before fix pack 9 allows remote authenticated users with permission to update/edit users to take over a company administrator user account by editing the company administrator user. | 7.2 |
| 2021-08-03 | CVE-2021-30571 | Incorrect Authorization vulnerability in multiple products Insufficient policy enforcement in DevTools in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted HTML page. | 9.6 |
| 2021-08-02 | CVE-2021-22389 | Incorrect Authorization vulnerability in Huawei Emui and Magic UI There is a Permission Control Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause certain codes to be executed. | 9.8 |
| 2021-08-02 | CVE-2021-22398 | Incorrect Authorization vulnerability in Huawei products There is a logic error vulnerability in several smartphones. | 4.6 |
| 2021-07-30 | CVE-2021-22521 | Incorrect Authorization vulnerability in Microfocus products A privileged escalation vulnerability has been identified in Micro Focus ZENworks Configuration Management, affecting version 2020 Update 1 and all prior versions. | 6.7 |