Vulnerabilities > Incorrect Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-28 | CVE-2020-26028 | Incorrect Authorization vulnerability in Zammad An issue was discovered in Zammad before 3.4.1. | 4.9 |
| 2020-12-22 | CVE-2020-24674 | Incorrect Authorization vulnerability in ABB Symphony + Historian and Symphony + Operations In S+ Operations and S+ Historian, not all client commands correctly check user permission as expected. | 8.8 |
| 2020-12-21 | CVE-2020-4794 | Incorrect Authorization vulnerability in IBM products IBM Automation Workstream Services 19.0.3, 20.0.1, 20.0.2, IBM Business Automation Workflow 18.0, 19.0, and 20.0 and IBM Business Process Manager 8.6 could allow an authenticated user to obtain sensitive information or cuase a denial of service due to iimproper authorization checking. | 5.4 |
| 2020-12-15 | CVE-2020-0481 | Incorrect Authorization vulnerability in Google Android 11.0 In AndroidManifest.xml, there is a possible permissions bypass. | 3.3 |
| 2020-12-15 | CVE-2020-0479 | Incorrect Authorization vulnerability in Google Android 11.0 In callUnchecked of DocumentsProvider.java, there is a possible permissions bypass. | 7.8 |
| 2020-12-15 | CVE-2020-0473 | Incorrect Authorization vulnerability in Google Android 11.0 In updateIncomingFileConfirmNotification of BluetoothOppNotification.java, there is a possible permissions bypass. | 4.6 |
| 2020-12-10 | CVE-2020-8919 | Incorrect Authorization vulnerability in Google Gerrit An information leak vulnerability exists in Gerrit versions prior to 2.15.21, 2.16.25, 3.0.15, 3.1.10, 3.2.5 where a missing access check on the branch REST API allows an attacker with only the default set of priviledges to read all other user's personal account data as well as sub-trees with restricted access. | 3.5 |
| 2020-12-02 | CVE-2020-29454 | Incorrect Authorization vulnerability in Umbraco CMS Editors/LogViewerController.cs in Umbraco through 8.9.1 allows a user to visit a logviewer endpoint even if they lack Applications.Settings access. | 4.3 |
| 2020-12-01 | CVE-2020-26250 | Incorrect Authorization vulnerability in Jupyter Oauthenticator 0.12.0/0.12.1 OAuthenticator is an OAuth login mechanism for JupyterHub. | 6.3 |
| 2020-11-28 | CVE-2020-29374 | Incorrect Authorization vulnerability in multiple products An issue was discovered in the Linux kernel before 5.7.3, related to mm/gup.c and mm/huge_memory.c. | 3.6 |