Vulnerabilities > Incorrect Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-05 | CVE-2021-26964 | Incorrect Authorization vulnerability in Arubanetworks Airwave A remote authentication restriction bypass vulnerability was discovered in Aruba AirWave Management Platform version(s): Prior to 8.2.12.0. | 7.1 |
| 2021-03-05 | CVE-2021-21725 | Incorrect Authorization vulnerability in ZTE Zxhn H196Q Firmware 9.1.0C2 A ZTE product has an information leak vulnerability. | 5.7 |
| 2021-03-04 | CVE-2021-26027 | Incorrect Authorization vulnerability in Joomla Joomla! An issue was discovered in Joomla! 3.0.0 through 3.9.24. | 5.3 |
| 2021-03-01 | CVE-2021-27225 | Incorrect Authorization vulnerability in Dataiku Data Science Studio In Dataiku DSS before 8.0.6, insufficient access control in the Jupyter notebooks integration allows users (who have coding permissions) to read and overwrite notebooks in projects that they are not authorized to access. | 5.4 |
| 2021-02-26 | CVE-2021-26563 | Incorrect Authorization vulnerability in Synology products Incorrect authorization vulnerability in synoagentregisterd in Synology DiskStation Manager (DSM) before 6.2.4-25553 allows local users to execute arbitrary code via unspecified vectors. | 6.7 |
| 2021-02-23 | CVE-2021-20229 | Incorrect Authorization vulnerability in multiple products A flaw was found in PostgreSQL in versions before 13.2. | 4.3 |
| 2021-02-23 | CVE-2021-22113 | Incorrect Authorization vulnerability in VMWare Spring Cloud Netflix Zuul 2.2.4/2.2.5/2.2.6 Applications using the “Sensitive Headers” functionality in Spring Cloud Netflix Zuul 2.2.6.RELEASE and below may be vulnerable to bypassing the “Sensitive Headers” restriction when executing requests with specially constructed URLs. | 5.3 |
| 2021-02-19 | CVE-2021-27509 | Incorrect Authorization vulnerability in Visualware Myconnection Server In Visualware MyConnection Server before 11.0b build 5382, each published report is not associated with its own access code. | 7.5 |
| 2021-02-19 | CVE-2020-12668 | Incorrect Authorization vulnerability in Hubspot Jinjava Jinjava before 2.5.4 allow access to arbitrary classes by calling Java methods on objects passed into a Jinjava context. | 6.5 |
| 2021-02-18 | CVE-2021-21318 | Incorrect Authorization vulnerability in Apereo Opencast Opencast is a free, open-source platform to support the management of educational audio and video content. | 5.4 |