Vulnerabilities > Incorrect Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-01-29 | CVE-2020-29605 | Incorrect Authorization vulnerability in Mantisbt An issue was discovered in MantisBT before 2.24.4. | 4.3 |
| 2021-01-28 | CVE-2021-3337 | Incorrect Authorization vulnerability in Hide Thread Content Project Hide Thread Content 1.0 The Hide-Thread-Content plugin through 2021-01-27 for MyBB allows remote attackers to bypass intended content-reading restrictions by clicking on reply or quote in the postbit. | 7.5 |
| 2021-01-28 | CVE-2020-1725 | Incorrect Authorization vulnerability in Redhat Keycloak A flaw was found in keycloak before version 13.0.0. | 5.4 |
| 2021-01-26 | CVE-2021-26026 | Incorrect Authorization vulnerability in Acdsee Photo Studio 2021 14.0 PlugIns\IDE_ACDStd.apl in ACDSee Professional 2021 14.0 1721 has a User Mode Write Access Violation starting at IDE_ACDStd!JPEGTransW+0x000000000000c7f4 via a crafted BMP image. | 7.8 |
| 2021-01-26 | CVE-2021-26025 | Incorrect Authorization vulnerability in Acdsee Photo Studio 2021 14.0 PlugIns\IDE_ACDStd.apl in ACDSee Professional 2021 14.0 1721 has a User Mode Write Access Violation starting at IDE_ACDStd!zlibVersion+0x0000000000004e5e via a crafted BMP image. | 7.8 |
| 2021-01-26 | CVE-2020-9492 | Incorrect Authorization vulnerability in multiple products In Apache Hadoop 3.2.0 to 3.2.1, 3.0.0-alpha1 to 3.1.3, and 2.0.0-alpha to 2.10.0, WebHDFS client might send SPNEGO authorization header to remote URL without proper verification. | 8.8 |
| 2021-01-20 | CVE-2021-1305 | Incorrect Authorization vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to bypass authorization and modify the configuration of an affected system, gain access to sensitive information, and view information that they are not authorized to access. | 4.3 |
| 2021-01-20 | CVE-2021-1270 | Incorrect Authorization vulnerability in Cisco Data Center Network Manager Multiple vulnerabilities in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to view, modify, and delete data without proper authorization. | 6.5 |
| 2021-01-20 | CVE-2021-1269 | Incorrect Authorization vulnerability in Cisco Data Center Network Manager Multiple vulnerabilities in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to view, modify, and delete data without proper authorization. | 6.3 |
| 2021-01-19 | CVE-2020-4873 | Incorrect Authorization vulnerability in IBM Planning Analytics 2.0 IBM Planning Analytics 2.0 could allow an attacker to obtain sensitive information due to an overly permissive CORS policy. | 5.3 |