Vulnerabilities > Incorrect Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-14 | CVE-2021-28825 | Incorrect Authorization vulnerability in Tibco Messaging - Eclipse Mosquitto Distribution - Core The Windows Installation component of TIBCO Software Inc.'s TIBCO Messaging - Eclipse Mosquitto Distribution - Core - Community Edition and TIBCO Messaging - Eclipse Mosquitto Distribution - Core - Enterprise Edition contains a vulnerability that theoretically allows a low privileged attacker with local access on some versions of the Windows operating system to insert malicious software. | 7.8 |
| 2021-04-13 | CVE-2021-29439 | Incorrect Authorization vulnerability in Getgrav Grav Admin The Grav admin plugin prior to version 1.10.11 does not correctly verify caller's privileges. | 7.2 |
| 2021-04-13 | CVE-2021-27086 | Incorrect Authorization vulnerability in Microsoft products Windows Services and Controller App Elevation of Privilege Vulnerability | 7.8 |
| 2021-04-13 | CVE-2021-29943 | Incorrect Authorization vulnerability in Apache Solr When using ConfigurableInternodeAuthHadoopPlugin for authentication, Apache Solr versions prior to 8.8.2 would forward/proxy distributed requests using server credentials instead of original client credentials. | 6.4 |
| 2021-04-12 | CVE-2020-28872 | Incorrect Authorization vulnerability in Monitorr 1.7.6M An authorization bypass vulnerability in Monitorr v1.7.6m in Monitorr/assets/config/_installation/_register.php allows an unauthorized person to create valid credentials. | 9.8 |
| 2021-04-09 | CVE-2021-25356 | Incorrect Authorization vulnerability in Google Android An improper caller check vulnerability in Managed Provisioning prior to SMR APR-2021 Release 1 allows unprivileged application to install arbitrary application, grant device admin permission and then delete several installed application. | 7.2 |
| 2021-04-08 | CVE-2020-14106 | Incorrect Authorization vulnerability in MI Miui The application in the mobile phone can unauthorized access to the list of running processes in the mobile phone, Xiaomi Mobile Phone MIUI < 2021.01.26. | 4.3 |
| 2021-04-02 | CVE-2020-27901 | Incorrect Authorization vulnerability in Apple Macos 11.0/11.0.1 A logic issue was addressed with improved restrictions. | 4.3 |
| 2021-04-01 | CVE-2021-26718 | Incorrect Authorization vulnerability in Kaspersky Internet Security KIS for macOS in some use cases was vulnerable to AV bypass that potentially allowed an attacker to disable anti-virus protection. | 2.1 |
| 2021-03-30 | CVE-2021-29642 | Incorrect Authorization vulnerability in Gistpad Project Gistpad GistPad before 0.2.7 allows a crafted workspace folder to change the URL for the Gist API, which leads to leakage of GitHub access tokens. | 5.0 |