Vulnerabilities > Incorrect Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-23 | CVE-2021-22113 | Incorrect Authorization vulnerability in VMWare Spring Cloud Netflix Zuul 2.2.4/2.2.5/2.2.6 Applications using the “Sensitive Headers” functionality in Spring Cloud Netflix Zuul 2.2.6.RELEASE and below may be vulnerable to bypassing the “Sensitive Headers” restriction when executing requests with specially constructed URLs. | 5.3 |
| 2021-02-19 | CVE-2021-27509 | Incorrect Authorization vulnerability in Visualware Myconnection Server In Visualware MyConnection Server before 11.0b build 5382, each published report is not associated with its own access code. | 7.5 |
| 2021-02-19 | CVE-2020-12668 | Incorrect Authorization vulnerability in Hubspot Jinjava Jinjava before 2.5.4 allow access to arbitrary classes by calling Java methods on objects passed into a Jinjava context. | 6.5 |
| 2021-02-12 | CVE-2021-26753 | Incorrect Authorization vulnerability in Nedi 1.9C NeDi 1.9C allows an authenticated user to inject PHP code in the System Files function on the endpoint /System-Files.php via the txt HTTP POST parameter. | 9.9 |
| 2021-02-10 | CVE-2021-27177 | Incorrect Authorization vulnerability in Fiberhome Hg6245D Firmware Rp2613 An issue was discovered on FiberHome HG6245D devices through RP2613. | 9.8 |
| 2021-02-05 | CVE-2020-8806 | Incorrect Authorization vulnerability in Electriccoin Zcashd Electric Coin Company Zcashd before 2.1.1-1 allows attackers to trigger consensus failure and double spending. | 7.5 |
| 2021-02-04 | CVE-2020-27873 | Incorrect Authorization vulnerability in Netgear products This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of NETGEAR R7450 1.2.0.62_1.0.1 routers. | 6.5 |
| 2021-02-03 | CVE-2021-25777 | Incorrect Authorization vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2020.2.1, permissions during token removal were checked improperly. | 5.3 |
| 2021-02-03 | CVE-2021-25774 | Incorrect Authorization vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2020.2.1, a user could get access to the GitHub access token of another user. | 4.3 |
| 2021-02-02 | CVE-2019-25017 | Incorrect Authorization vulnerability in MIT Krb5-Appl An issue was discovered in rcp in MIT krb5-appl through 1.0.3. | 5.9 |