Vulnerabilities > Incorrect Authorization
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-02-04 | CVE-2021-25246 | Incorrect Authorization vulnerability in Trendmicro Apex One, Officescan and Worry-Free Business Security An improper access control information disclosure vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG SP1, and Worry-Free Business Security could allow an unauthenticated user to create a bogus agent on an affected server that could be used then make valid configuration queries. | 6.4 |
2021-02-04 | CVE-2021-25245 | Incorrect Authorization vulnerability in Trendmicro Worry-Free Business Security 10.0 An improper access control vulnerability in Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain various pieces of settings informaiton. | 5.0 |
2021-02-04 | CVE-2021-25244 | Incorrect Authorization vulnerability in Trendmicro Worry-Free Business Security 10.0 An improper access control vulnerability in Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain various pieces of configuration informaiton. | 5.0 |
2021-02-04 | CVE-2021-25229 | Incorrect Authorization vulnerability in Trendmicro Apex ONE and Officescan An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS) and OfficeScan XG SP1 could allow an unauthenticated user to obtain information about the database server. | 5.0 |
2021-02-04 | CVE-2021-25228 | Incorrect Authorization vulnerability in Trendmicro Apex One, Officescan and Worry-Free Business Security An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain information about hotfix history. | 5.0 |
2021-02-04 | CVE-2020-27873 | Incorrect Authorization vulnerability in Netgear products This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of NETGEAR R7450 1.2.0.62_1.0.1 routers. | 3.3 |
2021-02-03 | CVE-2021-25777 | Incorrect Authorization vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2020.2.1, permissions during token removal were checked improperly. | 5.0 |
2021-02-03 | CVE-2021-25774 | Incorrect Authorization vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2020.2.1, a user could get access to the GitHub access token of another user. | 4.0 |
2021-02-03 | CVE-2020-29165 | Incorrect Authorization vulnerability in Rainbowfishsoftware Pacsone Server PacsOne Server (PACS Server In One Box) below 7.1.1 is affected by incorrect access control, which can result in remotely gaining administrator privileges. | 7.5 |
2021-02-02 | CVE-2019-25018 | Incorrect Authorization vulnerability in MIT Krb5-Appl In the rcp client in MIT krb5-appl through 1.0.3, malicious servers could bypass intended access restrictions via the filename of . | 5.0 |