Vulnerabilities > Incorrect Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-12 | CVE-2019-15059 | Incorrect Authorization vulnerability in Lispbx Project Lispbx 2.04/2.05 In Liberty lisPBX 2.0-4, configuration backup files can be retrieved remotely from /backup/lispbx-CONF-YYYY-MM-DD.tar or /backup/lispbx-CDR-YYYY-MM-DD.tar without authentication or authorization. | 7.5 |
| 2021-04-12 | CVE-2020-28872 | Incorrect Authorization vulnerability in Monitorr 1.7.6M An authorization bypass vulnerability in Monitorr v1.7.6m in Monitorr/assets/config/_installation/_register.php allows an unauthorized person to create valid credentials. | 9.8 |
| 2021-04-09 | CVE-2021-25356 | Incorrect Authorization vulnerability in Google Android An improper caller check vulnerability in Managed Provisioning prior to SMR APR-2021 Release 1 allows unprivileged application to install arbitrary application, grant device admin permission and then delete several installed application. | 8.8 |
| 2021-04-08 | CVE-2020-14106 | Incorrect Authorization vulnerability in MI Miui 12.5/12.5.2/2020.01.15 The application in the mobile phone can unauthorized access to the list of running processes in the mobile phone, Xiaomi Mobile Phone MIUI < 2021.01.26. | 5.5 |
| 2021-04-02 | CVE-2020-27901 | Incorrect Authorization vulnerability in Apple Macos A logic issue was addressed with improved restrictions. | 6.3 |
| 2021-04-01 | CVE-2021-26718 | Incorrect Authorization vulnerability in Kaspersky Internet Security KIS for macOS in some use cases was vulnerable to AV bypass that potentially allowed an attacker to disable anti-virus protection. | 5.5 |
| 2021-03-30 | CVE-2021-29642 | Incorrect Authorization vulnerability in Gistpad Project Gistpad GistPad before 0.2.7 allows a crafted workspace folder to change the URL for the Gist API, which leads to leakage of GitHub access tokens. | 5.3 |
| 2021-03-29 | CVE-2021-28936 | Incorrect Authorization vulnerability in Acexy Wireless-N Wifi Repeater Firmware 28.08.06.1 The Acexy Wireless-N WiFi Repeater REV 1.0 (28.08.06.1) Web management administrator password can be changed by sending a specially crafted HTTP GET request. | 7.5 |
| 2021-03-25 | CVE-2021-27195 | Incorrect Authorization vulnerability in Netop Vision PRO Improper Authorization vulnerability in Netop Vision Pro up to and including to 9.7.1 allows an attacker to replay network traffic. | 5.9 |
| 2021-03-24 | CVE-2021-22186 | Incorrect Authorization vulnerability in Gitlab An authorization issue in GitLab CE/EE version 9.4 and up allowed a group maintainer to modify group CI/CD variables which should be restricted to group owners | 4.9 |