Vulnerabilities > Incorrect Authorization

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
|---|---|---|---|---|
| 2021-04-29 | CVE-2020-21990 | Incorrect Authorization vulnerability in Domoticz Mydomoathome 0.240 | Emmanuel MyDomoAtHome (MDAH) REST API REST API Domoticz ISS Gateway 0.2.40 is affected by an information disclosure vulnerability due to improper access control enforcement. | network; low complexity; domoticz; CWE-863; 7.5 |
| 2021-04-27 | CVE-2021-30638 | Incorrect Authorization vulnerability in Apache Tapestry | Information Exposure vulnerability in context asset handling of Apache Tapestry allows an attacker to download files inside WEB-INF if using a specially-constructed URL. | network; low complexity; apache; CWE-863; 7.5 |
| 2021-04-23 | CVE-2021-29158 | Incorrect Authorization vulnerability in Sonatype Nexus Repository Manager 3 3.25.1 | Sonatype Nexus Repository Manager 3 Pro up to and including 3.30.0 has Incorrect Access Control. | network; low complexity; sonatype; CWE-863; 4.9 |
| 2021-04-22 | CVE-2021-31554 | Incorrect Authorization vulnerability in Mediawiki | An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. | network; low complexity; mediawiki; CWE-863; 5.4 |
| 2021-04-22 | CVE-2021-31552 | Incorrect Authorization vulnerability in Mediawiki | An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. | network; low complexity; mediawiki; CWE-863; 5.4 |
| 2021-04-22 | CVE-2021-31548 | Incorrect Authorization vulnerability in Mediawiki | An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. | network; low complexity; mediawiki; CWE-863; 6.5 |
| 2021-04-20 | CVE-2021-28793 | Incorrect Authorization vulnerability in Lextudio Restructuredtext | vscode-restructuredtext before 146.0.0 contains an incorrect access control vulnerability, where a crafted project folder could execute arbitrary binaries via crafted workspace configuration. | network; low complexity; lextudio; CWE-863; critical; 9.8 |
| 2021-04-17 | CVE-2021-3493 | Incorrect Authorization vulnerability in Canonical Ubuntu Linux | The overlayfs implementation in the Linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files in an underlying file system. | local; low complexity; canonical; CWE-863; 7.8 |
| 2021-04-16 | CVE-2021-29452 | Incorrect Authorization vulnerability in Curveballjs A12N-Server 0.18.0/0.18.1 | a12n-server is an npm package which aims to provide a simple authentication system. | network; low complexity; curveballjs; CWE-863; 6.5 |
| 2021-04-14 | CVE-2021-28826 | Incorrect Authorization vulnerability in Tibco Messaging - Eclipse Mosquitto Distribution - Bridge 1.3.0 | The Windows Installation component of TIBCO Software Inc.'s TIBCO Messaging - Eclipse Mosquitto Distribution - Bridge - Community Edition and TIBCO Messaging - Eclipse Mosquitto Distribution - Bridge - Enterprise Edition contains a vulnerability that theoretically allows a low privileged attacker with local access on some versions of the Windows operating system to insert malicious software. | local; low complexity; tibco; CWE-863; 7.8 |