Vulnerabilities > Incorrect Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-07 | CVE-2021-30533 | Incorrect Authorization vulnerability in multiple products Insufficient policy enforcement in PopupBlocker in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to bypass navigation restrictions via a crafted iframe. | 6.5 |
| 2021-06-07 | CVE-2021-30534 | Incorrect Authorization vulnerability in multiple products Insufficient policy enforcement in iFrameSandbox in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. | 6.5 |
| 2021-06-07 | CVE-2021-30537 | Incorrect Authorization vulnerability in multiple products Insufficient policy enforcement in cookies in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to bypass cookie policy via a crafted HTML page. | 4.3 |
| 2021-06-07 | CVE-2021-30538 | Incorrect Authorization vulnerability in multiple products Insufficient policy enforcement in content security policy in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to bypass content security policy via a crafted HTML page. | 4.3 |
| 2021-06-07 | CVE-2021-30539 | Incorrect Authorization vulnerability in multiple products Insufficient policy enforcement in content security policy in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to bypass content security policy via a crafted HTML page. | 5.4 |
| 2021-06-06 | CVE-2021-33881 | Incorrect Authorization vulnerability in NXP products On NXP MIFARE Ultralight and NTAG cards, an attacker can interrupt a write operation (aka conduct a "tear off" attack) over RFID to bypass a Monotonic Counter protection mechanism. | 4.2 |
| 2021-06-03 | CVE-2021-3469 | Incorrect Authorization vulnerability in Theforeman Foreman Foreman versions before 2.3.4 and before 2.4.0 is affected by an improper authorization handling flaw. | 5.4 |
| 2021-05-28 | CVE-2021-32619 | Incorrect Authorization vulnerability in Deno Deno is a runtime for JavaScript and TypeScript that uses V8 and is built in Rust. | 9.8 |
| 2021-05-28 | CVE-2021-32620 | Incorrect Authorization vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 8.8 |
| 2021-05-28 | CVE-2021-29628 | Incorrect Authorization vulnerability in Freebsd 12.2/13.0 In FreeBSD 13.0-STABLE before n245764-876ffe28796c, 12.2-STABLE before r369857, 13.0-RELEASE before p1, and 12.2-RELEASE before p7, a system call triggering a fault could cause SMAP protections to be disabled for the duration of the system call. | 7.5 |