Vulnerabilities > Incorrect Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-23 | CVE-2021-28823 | Incorrect Authorization vulnerability in Tibco Eftl The Windows Installation component of TIBCO Software Inc.'s TIBCO eFTL - Community Edition, TIBCO eFTL - Developer Edition, and TIBCO eFTL - Enterprise Edition contains a vulnerability that theoretically allows a low privileged attacker with local access on some versions of the Windows operating system to insert malicious software. | 7.8 |
| 2021-03-23 | CVE-2021-28821 | Incorrect Authorization vulnerability in Tibco Enterprise Message Service 8.5.1 The Windows Installation component of TIBCO Software Inc.'s TIBCO Enterprise Message Service, TIBCO Enterprise Message Service - Community Edition, and TIBCO Enterprise Message Service - Developer Edition contains a vulnerability that theoretically allows a low privileged attacker with local access on some versions of the Windows operating system to insert malicious software. | 7.8 |
| 2021-03-23 | CVE-2021-28819 | Incorrect Authorization vulnerability in Tibco FTL The Windows Installation component of TIBCO Software Inc.'s TIBCO FTL - Community Edition, TIBCO FTL - Developer Edition, and TIBCO FTL - Enterprise Edition contains a vulnerability that theoretically allows a low privileged attacker with local access on some versions of the Windows operating system to insert malicious software. | 7.8 |
| 2021-03-22 | CVE-2021-28146 | Incorrect Authorization vulnerability in Grafana The team sync HTTP API in Grafana Enterprise 7.4.x before 7.4.5 has an Incorrect Access Control issue. | 6.5 |
| 2021-03-18 | CVE-2021-28791 | Incorrect Authorization vulnerability in Swiftformat Project Swiftformat The unofficial SwiftFormat extension before 1.3.7 for Visual Studio Code allows remote attackers to execute arbitrary code by constructing a malicious workspace with a crafted swiftformat.path configuration value that triggers execution upon opening the workspace. | 7.8 |
| 2021-03-18 | CVE-2021-21624 | Incorrect Authorization vulnerability in Jenkins Role-Based Authorization Strategy An incorrect permission check in Jenkins Role-based Authorization Strategy Plugin 3.1 and earlier allows attackers with Item/Read permission on nested items to access them, even if they lack Item/Read permission for parent folders. | 4.3 |
| 2021-03-18 | CVE-2021-21623 | Incorrect Authorization vulnerability in Jenkins Matrix Authorization Strategy An incorrect permission check in Jenkins Matrix Authorization Strategy Plugin 2.6.5 and earlier allows attackers with Item/Read permission on nested items to access them, even if they lack Item/Read permission for parent folders. | 6.5 |
| 2021-03-18 | CVE-2021-28681 | Incorrect Authorization vulnerability in Webrtc Project Webrtc Pion WebRTC before 3.0.15 didn't properly tear down the DTLS Connection when certificate verification failed. | 5.3 |
| 2021-03-18 | CVE-2021-20676 | Incorrect Authorization vulnerability in M-System products M-System DL8 series (type A (DL8-A) versions prior to Ver3.0, type B (DL8-B) versions prior to Ver3.0, type C (DL8-C) versions prior to Ver3.0, type D (DL8-D) versions prior to Ver3.0, and type E (DL8-E) versions prior to Ver3.0) allows remote authenticated attackers to bypass access restriction and conduct prohibited operations via unspecified vectors. | 4.3 |
| 2021-03-16 | CVE-2020-24264 | Incorrect Authorization vulnerability in Portainer Portainer 1.24.1 and earlier is affected by incorrect access control that may lead to remote arbitrary code execution. | 9.8 |