Vulnerabilities > Incorrect Authorization

DATE CVE VULNERABILITY TITLE RISK
2019-12-24 CVE-2017-16778 Incorrect Authorization vulnerability in Fermax Outdoor Panel Firmware
An access control weakness in the DTMF tone receiver of Fermax Outdoor Panel allows physical attackers to inject a Dual-Tone-Multi-Frequency (DTMF) tone to invoke an access grant that would allow physical access to a restricted floor/level.
low complexity
fermax CWE-863
4.6
2019-12-20 CVE-2012-6094 Incorrect Authorization vulnerability in multiple products
In cups (Common Unix Printing System), the 'Listen localhost:631' option is not honored correctly, which could provide unauthorized access to the system.
network
low complexity
apple debian CWE-863
critical
9.8
2019-12-19 CVE-2019-11294 Incorrect Authorization vulnerability in Cloud Foundry cf-deployment
Cloud Foundry Cloud Controller API (CAPI), version 1.88.0, allows space developers to list all global service brokers, including service broker URLs and GUIDs, which should only be accessible to admins.
network
low complexity
cloudfoundry CWE-863
4.3
2019-12-18 CVE-2019-8512 Incorrect Authorization vulnerability in Apple iPhone OS
This issue was addressed with improved transparency.
network
low complexity
apple CWE-863
5.7
2019-12-17 CVE-2019-0384 Incorrect Authorization vulnerability in SAP products
Transaction Management in SAP Treasury and Risk Management (corrected in S4CORE versions 1.01, 1.02, 1.03, 1.04 and EA-FINSERV versions 6.0, 6.03, 6.04, 6.05, 6.06, 6.16, 6.17, 6.18, 8.0) does not perform necessary authorization checks for functionalities that require user identity.
network
low complexity
sap CWE-863
8.8
2019-12-17 CVE-2019-0383 Incorrect Authorization vulnerability in SAP products
Transaction Management in SAP Treasury and Risk Management (corrected in S4CORE versions 1.01, 1.02, 1.03, 1.04 and EA-FINSERV versions 6.0, 6.03, 6.04, 6.05, 6.06, 6.16, 6.17, 6.18, 8.0) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.
network
low complexity
sap CWE-863
8.8
2019-12-05 CVE-2019-7192 Incorrect Authorization vulnerability in QNAP Photo Station
This improper access control vulnerability allows remote attackers to gain unauthorized access to the system.
network
low complexity
qnap CWE-863
critical
9.8
2019-12-05 CVE-2019-19597 Incorrect Authorization vulnerability in D-Link DAP-1860 Firmware 1.01B06/1.02B01/1.04B01
D-Link DAP-1860 devices before v1.04b03 Beta allow arbitrary remote code execution as root without authentication via shell metacharacters within an HNAP_AUTH HTTP header.
low complexity
dlink CWE-863
8.8
2019-12-05 CVE-2019-19520 Incorrect Authorization vulnerability in OpenBSD 6.6
xlock in OpenBSD 6.6 allows local users to gain the privileges of the auth group by providing a LIBGL_DRIVERS_PATH environment variable, because xenocara/lib/mesa/src/loader/loader.c mishandles dlopen.
local
low complexity
openbsd CWE-863
7.8
2019-12-03 CVE-2013-4411 Incorrect Authorization vulnerability in multiple products
Review Board: URL processing gives unauthorized users access to review lists.
network
low complexity
reviewboard fedoraproject CWE-863
4.3