Vulnerabilities > Incorrect Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-24 | CVE-2021-22176 | Incorrect Authorization vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions starting with 3.0.1. | 4.3 |
| 2021-03-23 | CVE-2021-28824 | Incorrect Authorization vulnerability in Tibco Activespaces The Windows Installation component of TIBCO Software Inc.'s TIBCO ActiveSpaces - Community Edition, TIBCO ActiveSpaces - Developer Edition, and TIBCO ActiveSpaces - Enterprise Edition contains a vulnerability that theoretically allows a low privileged attacker with local access on some versions of the Windows operating system to insert malicious software. | 8.8 |
| 2021-03-23 | CVE-2021-28823 | Incorrect Authorization vulnerability in Tibco Eftl The Windows Installation component of TIBCO Software Inc.'s TIBCO eFTL - Community Edition, TIBCO eFTL - Developer Edition, and TIBCO eFTL - Enterprise Edition contains a vulnerability that theoretically allows a low privileged attacker with local access on some versions of the Windows operating system to insert malicious software. | 7.8 |
| 2021-03-23 | CVE-2021-28821 | Incorrect Authorization vulnerability in Tibco Enterprise Message Service 8.5.1 The Windows Installation component of TIBCO Software Inc.'s TIBCO Enterprise Message Service, TIBCO Enterprise Message Service - Community Edition, and TIBCO Enterprise Message Service - Developer Edition contains a vulnerability that theoretically allows a low privileged attacker with local access on some versions of the Windows operating system to insert malicious software. | 7.8 |
| 2021-03-23 | CVE-2021-28819 | Incorrect Authorization vulnerability in Tibco FTL The Windows Installation component of TIBCO Software Inc.'s TIBCO FTL - Community Edition, TIBCO FTL - Developer Edition, and TIBCO FTL - Enterprise Edition contains a vulnerability that theoretically allows a low privileged attacker with local access on some versions of the Windows operating system to insert malicious software. | 7.8 |
| 2021-03-22 | CVE-2021-28146 | Incorrect Authorization vulnerability in Grafana The team sync HTTP API in Grafana Enterprise 7.4.x before 7.4.5 has an Incorrect Access Control issue. | 6.5 |
| 2021-03-18 | CVE-2021-28791 | Incorrect Authorization vulnerability in Swiftformat Project Swiftformat The unofficial SwiftFormat extension before 1.3.7 for Visual Studio Code allows remote attackers to execute arbitrary code by constructing a malicious workspace with a crafted swiftformat.path configuration value that triggers execution upon opening the workspace. | 7.8 |
| 2021-03-18 | CVE-2021-21624 | Incorrect Authorization vulnerability in Jenkins Role-Based Authorization Strategy An incorrect permission check in Jenkins Role-based Authorization Strategy Plugin 3.1 and earlier allows attackers with Item/Read permission on nested items to access them, even if they lack Item/Read permission for parent folders. | 4.3 |
| 2021-03-18 | CVE-2021-21623 | Incorrect Authorization vulnerability in Jenkins Matrix Authorization Strategy An incorrect permission check in Jenkins Matrix Authorization Strategy Plugin 2.6.5 and earlier allows attackers with Item/Read permission on nested items to access them, even if they lack Item/Read permission for parent folders. | 6.5 |
| 2021-03-18 | CVE-2021-28681 | Incorrect Authorization vulnerability in Webrtc Project Webrtc Pion WebRTC before 3.0.15 didn't properly tear down the DTLS Connection when certificate verification failed. | 5.3 |