Vulnerabilities > Incorrect Authorization

DATE	CVE	VULNERABILITY TITLE	RISK
2021-03-01	CVE-2021-27225	Incorrect Authorization vulnerability in Dataiku Data Science Studio In Dataiku DSS before 8.0.6, insufficient access control in the Jupyter notebooks integration allows users (who have coding permissions) to read and overwrite notebooks in projects that they are not authorized to access. network low complexity dataiku CWE-863	5.4
2021-02-26	CVE-2021-26563	Incorrect Authorization vulnerability in Synology products Incorrect authorization vulnerability in synoagentregisterd in Synology DiskStation Manager (DSM) before 6.2.4-25553 allows local users to execute arbitrary code via unspecified vectors. local low complexity synology CWE-863	6.7
2021-02-23	CVE-2021-22113	Incorrect Authorization vulnerability in VMWare Spring Cloud Netflix Zuul 2.2.4/2.2.5/2.2.6 Applications using the “Sensitive Headers” functionality in Spring Cloud Netflix Zuul 2.2.6.RELEASE and below may be vulnerable to bypassing the “Sensitive Headers” restriction when executing requests with specially constructed URLs. network low complexity vmware CWE-863	5.3
2021-02-19	CVE-2021-27509	Incorrect Authorization vulnerability in Visualware Myconnection Server In Visualware MyConnection Server before 11.0b build 5382, each published report is not associated with its own access code. network low complexity visualware CWE-863	7.5
2021-02-19	CVE-2020-12668	Incorrect Authorization vulnerability in Hubspot Jinjava Jinjava before 2.5.4 allow access to arbitrary classes by calling Java methods on objects passed into a Jinjava context. network low complexity hubspot CWE-863	6.5
2021-02-12	CVE-2021-26753	Incorrect Authorization vulnerability in Nedi 1.9C NeDi 1.9C allows an authenticated user to inject PHP code in the System Files function on the endpoint /System-Files.php via the txt HTTP POST parameter. network low complexity nedi CWE-863 critical	9.9
2021-02-10	CVE-2021-27177	Incorrect Authorization vulnerability in Fiberhome Hg6245D Firmware Rp2613 An issue was discovered on FiberHome HG6245D devices through RP2613. network low complexity fiberhome CWE-863 critical	9.8
2021-02-05	CVE-2020-8806	Incorrect Authorization vulnerability in Electriccoin Zcashd Electric Coin Company Zcashd before 2.1.1-1 allows attackers to trigger consensus failure and double spending. network low complexity electriccoin CWE-863	7.5
2021-02-04	CVE-2020-27873	Incorrect Authorization vulnerability in Netgear products This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of NETGEAR R7450 1.2.0.62_1.0.1 routers. low complexity netgear CWE-863	6.5
2021-02-03	CVE-2021-25777	Incorrect Authorization vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2020.2.1, permissions during token removal were checked improperly. network low complexity jetbrains CWE-863	5.3

Vulnerabilities > Incorrect Authorization {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Incorrect Authorization"}]}

Vulnerabilities > Incorrect Authorization