Vulnerabilities > Incorrect Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-04 | CVE-2020-3473 | Incorrect Authorization vulnerability in Cisco IOS XR A vulnerability in task group assignment for a specific CLI command in Cisco IOS XR Software could allow an authenticated, local CLI shell user to elevate privileges and gain full administrative control of the device. | 7.8 |
| 2020-09-04 | CVE-2020-24941 | Incorrect Authorization vulnerability in Laravel An issue was discovered in Laravel before 6.18.35 and 7.x before 7.24.0. | 7.5 |
| 2020-09-03 | CVE-2020-5418 | Incorrect Authorization vulnerability in Cloudfoundry Capi-Release Cloud Foundry CAPI (Cloud Controller) versions prior to 1.98.0 allow authenticated users having only the "cloud_controller.read" scope, but no roles in any spaces, to list all droplets in all spaces (whereas they should see none). | 4.3 |
| 2020-09-02 | CVE-2020-25025 | Incorrect Authorization vulnerability in Localization Manager Project Localization Manager The l10nmgr (aka Localization Manager) extension before 7.4.0, 8.x before 8.7.0, and 9.x before 9.2.0 for TYPO3 allows Information Disclosure (translatable fields). | 4.3 |
| 2020-08-31 | CVE-2020-25055 | Incorrect Authorization vulnerability in Google Android An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. | 9.8 |
| 2020-08-27 | CVE-2020-24716 | Incorrect Authorization vulnerability in Openzfs OpenZFS before 2.0.0-rc1, when used on FreeBSD, allows execute permissions for all directories. | 7.8 |
| 2020-08-26 | CVE-2020-3522 | Incorrect Authorization vulnerability in Cisco Data Center Network Manager A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) Software could allow an authenticated, remote attacker to bypass authorization on an affected device and access sensitive information that is related to the device. | 6.3 |
| 2020-08-25 | CVE-2020-19005 | Incorrect Authorization vulnerability in Zrlog 2.1.0 zrlog v2.1.0 has a vulnerability with the permission check. | 5.7 |
| 2020-08-21 | CVE-2020-16241 | Incorrect Authorization vulnerability in Philips Suresigns VS4 Firmware A.07.107 Philips SureSigns VS4, A.07.107 and prior. | 2.1 |
| 2020-08-19 | CVE-2020-9712 | Incorrect Authorization vulnerability in Adobe Acrobat DC Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have a security bypass vulnerability. | 5.5 |