Vulnerabilities > Incorrect Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-05-28 | CVE-2020-4249 | Incorrect Authorization vulnerability in IBM Security Identity Governance and Intelligence 5.2.6 IBM Security Identity Governance and Intelligence 5.2.6 could disclose highly sensitive information to other authenticated users on the sytem due to incorrect authorization. | 6.5 |
| 2020-05-26 | CVE-2020-12391 | Incorrect Authorization vulnerability in Mozilla Firefox Documents formed using data: URLs in an OBJECT element failed to inherit the CSP of the creating context. | 7.5 |
| 2020-05-26 | CVE-2020-3811 | Incorrect Authorization vulnerability in multiple products qmail-verify as used in netqmail 1.06 is prone to a mail-address verification bypass vulnerability. | 7.5 |
| 2020-05-18 | CVE-2019-20801 | Incorrect Authorization vulnerability in Readdle Documents An issue was discovered in the Readdle Documents app before 6.9.7 for iOS. | 5.3 |
| 2020-05-14 | CVE-2020-0097 | Incorrect Authorization vulnerability in Google Android 10.0/9.0 In various methods of PackageManagerService.java, there is a possible permission bypass due to a missing condition for system apps. | 7.8 |
| 2020-05-14 | CVE-2020-12876 | Incorrect Authorization vulnerability in Veritas Aptare Veritas APTARE versions prior to 10.4 allowed remote users to access several unintended files on the server. | 7.5 |
| 2020-05-14 | CVE-2020-12875 | Incorrect Authorization vulnerability in Veritas Aptare Veritas APTARE versions prior to 10.4 did not perform adequate authorization checks. | 6.3 |
| 2020-05-13 | CVE-2020-1998 | Incorrect Authorization vulnerability in Paloaltonetworks Pan-Os An improper authorization vulnerability in PAN-OS that mistakenly uses the permissions of local linux users instead of the intended SAML permissions of the account when the username is shared for the purposes of SSO authentication. | 8.8 |
| 2020-05-12 | CVE-2020-8151 | Incorrect Authorization vulnerability in multiple products There is a possible information disclosure issue in Active Resource <v5.1.1 that could allow an attacker to create specially crafted requests to access data in an unexpected way and possibly leak information. | 7.5 |
| 2020-05-07 | CVE-2020-12691 | Incorrect Authorization vulnerability in multiple products An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. | 8.8 |