Vulnerabilities > Incorrect Authorization

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | ATTACK VECTOR | COMPLEXITY | VENDORS | CWE | RISK |
|---|---|---|---|---|---|---|---|---|
| 2021-07-15 | CVE-2020-12733 | Incorrect Authorization vulnerability in Depstech Wifi Digital Microscope 3 Firmware | Certain Shenzhen PENGLIXIN components on DEPSTECH WiFi Digital Microscope 3, as used by Shekar Endoscope, allow a TELNET connection with the molinkadmin password for the molink account. | network | low | depstech | CWE-863 | 7.5 |
| 2021-07-13 | CVE-2021-33718 | Incorrect Authorization vulnerability in Siemens Mendix 7.0.0/8.0.0/9.0.0 | A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23.22), Mendix Applications using Mendix 8 (All versions < V8.18.7), Mendix Applications using Mendix 9 (All versions < V9.3.0). | network | high | siemens | CWE-863 | 5.3 |
| 2021-07-12 | CVE-2021-22515 | Incorrect Authorization vulnerability in Microfocus Netiq Advanced Authentication | Multi-Factor Authentication (MFA) functionality can be bypassed, allowing the use of single factor authentication in NetIQ Advanced Authentication versions prior to 6.3 SP4 Patch 1. | network | low | microfocus | CWE-863 | 6.5 |
| 2021-07-07 | CVE-2021-26273 | Incorrect Authorization vulnerability in Ninjarmm 5.0.909 | The Agent in NinjaRMM 5.0.909 has Incorrect Access Control. | local | low | ninjarmm | CWE-863 | 7.8 |
| 2021-07-02 | CVE-2021-35197 | Incorrect Authorization vulnerability in multiple products | In MediaWiki before 1.31.15, 1.32.x through 1.35.x before 1.35.3, and 1.36.x before 1.36.1, bots have certain unintended API access. | network | low | mediawiki, debian, fedoraproject | CWE-863 | 7.5 |
| 2021-07-02 | CVE-2021-36132 | Incorrect Authorization vulnerability in Mediawiki | An issue was discovered in the FileImporter extension in MediaWiki through 1.36. | network | low | mediawiki | CWE-863 | 8.8 |
| 2021-07-01 | CVE-2020-27362 | Incorrect Authorization vulnerability in Akkadianlabs Akkadian Provisioning Manager 4.50.02 | An issue exists within the SSH console of Akkadian Provisioning Manager 4.50.02 which allows a low-level privileged user to escape the web configuration file editor and escalate privileges. | network | low | akkadianlabs | CWE-863 | 8.8 |
| 2021-07-01 | CVE-2021-27661 | Incorrect Authorization vulnerability in Johnsoncontrols F4-Snc Firmware 11 | Successful exploitation of this vulnerability could give an authenticated Facility Explorer SNC Series Supervisory Controller (F4-SNC) user an unintended level of access to the controller’s file system, allowing them to access or modify system files by sending specifically crafted web messages to the F4-SNC. | network | low | johnsoncontrols | CWE-863 | 8.8 |
| 2021-06-29 | CVE-2021-22119 | Incorrect Authorization vulnerability in multiple products | Spring Security versions 5.5.x prior to 5.5.1, 5.4.x prior to 5.4.7, 5.3.x prior to 5.3.10 and 5.2.x prior to 5.2.11 are susceptible to a Denial-of-Service (DoS) attack via the initiation of the Authorization Request in an OAuth 2.0 Client Web and WebFlux application. | network | low | vmware, oracle | CWE-863 | 7.5 |
| 2021-06-24 | CVE-2021-32716 | Incorrect Authorization vulnerability in Shopware | Shopware is an open source eCommerce platform. | network | low | shopware | CWE-863 | 4.9 |