Vulnerabilities > Incorrect Authorization
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-08-17 | CVE-2021-0645 | Incorrect Authorization vulnerability in Google Android 11.0 In shouldBlockFromTree of ExternalStorageProvider.java, there is a possible permissions bypass. | 7.8 |
2021-08-17 | CVE-2021-32829 | Incorrect Authorization vulnerability in Zstack Rest API ZStack is open source IaaS (infrastructure as a service) software aiming to automate datacenters, managing resources of compute, storage, and networking all by APIs. | 9.9 |
2021-08-16 | CVE-2020-18701 | Incorrect Authorization vulnerability in Talelin Lin-Cms-Flask 0.1.1 Incorrect Access Control in Lin-CMS-Flask v0.1.1 allows remote attackers to obtain sensitive information and/or gain privileges due to the application not invalidating a user's authentication token upon logout, which allows for replaying packets. | 9.8 |
2021-08-13 | CVE-2021-37705 | Incorrect Authorization vulnerability in Microsoft Onefuzz OneFuzz is an open source self-hosted Fuzzing-As-A-Service platform. | 10.0 |
2021-08-12 | CVE-2021-27793 | Incorrect Authorization vulnerability in Broadcom Fabric Operating System Intermittent authorization failure in aaa tacacs+ with Brocade Fabric OS versions before Brocade Fabric OS v9.0.1b and after 9.0.0, also in Brocade Fabric OS before Brocade Fabric OS v8.2.3a and after v8.2.0 could cause a user with a valid account to be unable to log into the switch. | 5.3 |
2021-08-11 | CVE-2020-25564 | Incorrect Authorization vulnerability in Sapphireims 5.0 In SapphireIMS 5.0, it is possible to create local administrator on any client with credentials of a non-privileged user by directly accessing RemoteMgmtTaskSave (Automation Tasks) feature. | 8.8 |
2021-08-10 | CVE-2020-28397 | Incorrect Authorization vulnerability in Siemens products A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. | 5.3 |
2021-08-09 | CVE-2021-25954 | Incorrect Authorization vulnerability in Dolibarr In the “Dolibarr” application, versions 2.8.1 to 13.0.4 do not restrict or incorrectly restrict access to a resource from an unauthorized actor. | 4.3 |
2021-08-06 | CVE-2021-38137 | Incorrect Authorization vulnerability in Corero Securewatch Managed Services 9.7.2.0020 Corero SecureWatch Managed Services 9.7.2.0020 does not correctly check swa-monitor and cns-monitor user’s privileges, allowing a user to perform actions not belonging to his role. | 8.1 |
2021-08-05 | CVE-2021-22240 | Incorrect Authorization vulnerability in Gitlab Improper access control in GitLab EE versions 13.11.6, 13.12.6, and 14.0.2 allows users to be created via single sign on despite user cap being enabled | 4.3 |