Vulnerabilities > Incorrect Authorization
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-04-20 | CVE-2020-5287 | Incorrect Authorization vulnerability in Prestashop In PrestaShop between versions 1.5.5.0 and 1.7.6.5, there is improper access control on customers search. | 6.5 |
2020-04-20 | CVE-2020-5279 | Incorrect Authorization vulnerability in Prestashop In PrestaShop between versions 1.5.0.0 and 1.7.6.5, there are improper access control since the the version 1.5.0.0 for legacy controllers. | 6.5 |
2020-04-15 | CVE-2020-0981 | Incorrect Authorization vulnerability in Microsoft Windows 10 and Windows Server 2016 A security feature bypass vulnerability exists when Windows fails to properly handle token relationships.An attacker who successfully exploited the vulnerability could allow an application with a certain integrity level to execute code at a different integrity level, leading to a sandbox escape.The update addresses the vulnerability by correcting how Windows handles token relationships, aka 'Windows Token Security Feature Bypass Vulnerability'. | 8.8 |
2020-04-14 | CVE-2020-6214 | Incorrect Authorization vulnerability in SAP S/4Hana 100 SAP S/4HANA (Financial Products Subledger), version 100, uses an incorrect authorization object in some reports. | 4.7 |
2020-04-12 | CVE-2020-11707 | Incorrect Authorization vulnerability in Provideserver Provide FTP Server 13.1 An issue was discovered in ProVide (formerly zFTPServer) through 13.1. | 8.8 |
2020-04-08 | CVE-2018-21039 | Incorrect Authorization vulnerability in Google Android 7.0 An issue was discovered on Samsung mobile devices with N(7.0) software. | 7.5 |
2020-04-08 | CVE-2018-21082 | Incorrect Authorization vulnerability in Google Android An issue was discovered on Samsung mobile devices with N(7.x) software. | 8.4 |
2020-04-08 | CVE-2020-11628 | Incorrect Authorization vulnerability in Primekey Ejbca An issue was discovered in EJBCA before 6.15.2.6 and 7.x before 7.3.1.2. | 5.3 |
2020-04-03 | CVE-2020-8142 | Incorrect Authorization vulnerability in Revive-Adserver Revive Adserver A security restriction bypass vulnerability has been discovered in Revive Adserver version < 5.0.5 by HackerOne user hoangn144. | 6.8 |
2020-04-01 | CVE-2018-11802 | Incorrect Authorization vulnerability in Apache Solr In Apache Solr, the cluster can be partitioned into multiple collections and only a subset of nodes actually host any given collection. | 4.3 |