Vulnerabilities > Incorrect Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-22 | CVE-2021-31552 | Incorrect Authorization vulnerability in Mediawiki An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. | 5.4 |
| 2021-04-22 | CVE-2021-31548 | Incorrect Authorization vulnerability in Mediawiki An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. | 6.5 |
| 2021-04-20 | CVE-2021-28793 | Incorrect Authorization vulnerability in Lextudio Restructuredtext vscode-restructuredtext before 146.0.0 contains an incorrect access control vulnerability, where a crafted project folder could execute arbitrary binaries via crafted workspace configuration. | 9.8 |
| 2021-04-17 | CVE-2021-3493 | Incorrect Authorization vulnerability in Canonical Ubuntu Linux The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files in an underlying file system. | 7.8 |
| 2021-04-16 | CVE-2021-29452 | Incorrect Authorization vulnerability in Curveballjs A12N-Server 0.18.0/0.18.1 a12n-server is an npm package which aims to provide a simple authentication system. | 6.5 |
| 2021-04-14 | CVE-2021-28826 | Incorrect Authorization vulnerability in Tibco Messaging - Eclipse Mosquitto Distribution - Bridge 1.3.0 The Windows Installation component of TIBCO Software Inc.'s TIBCO Messaging - Eclipse Mosquitto Distribution - Bridge - Community Edition and TIBCO Messaging - Eclipse Mosquitto Distribution - Bridge - Enterprise Edition contains a vulnerability that theoretically allows a low privileged attacker with local access on some versions of the Windows operating system to insert malicious software. | 7.8 |
| 2021-04-14 | CVE-2021-28825 | Incorrect Authorization vulnerability in Tibco Messaging - Eclipse Mosquitto Distribution - Core The Windows Installation component of TIBCO Software Inc.'s TIBCO Messaging - Eclipse Mosquitto Distribution - Core - Community Edition and TIBCO Messaging - Eclipse Mosquitto Distribution - Core - Enterprise Edition contains a vulnerability that theoretically allows a low privileged attacker with local access on some versions of the Windows operating system to insert malicious software. | 7.8 |
| 2021-04-13 | CVE-2021-29943 | Incorrect Authorization vulnerability in Apache Solr When using ConfigurableInternodeAuthHadoopPlugin for authentication, Apache Solr versions prior to 8.8.2 would forward/proxy distributed requests using server credentials instead of original client credentials. | 9.1 |
| 2021-04-12 | CVE-2019-15059 | Incorrect Authorization vulnerability in Lispbx Project Lispbx 2.04/2.05 In Liberty lisPBX 2.0-4, configuration backup files can be retrieved remotely from /backup/lispbx-CONF-YYYY-MM-DD.tar or /backup/lispbx-CDR-YYYY-MM-DD.tar without authentication or authorization. | 7.5 |
| 2021-04-12 | CVE-2020-28872 | Incorrect Authorization vulnerability in Monitorr 1.7.6M An authorization bypass vulnerability in Monitorr v1.7.6m in Monitorr/assets/config/_installation/_register.php allows an unauthorized person to create valid credentials. | 9.8 |