Vulnerabilities > Improper Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-16 | CVE-2020-36841 | The WooCommerce Smart Coupons plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the woocommerce_coupon_admin_init function in versions up to, and including, 4.6.0. | 5.3 |
| 2024-09-09 | CVE-2024-7015 | Improper Authorization vulnerability in Profelis Passbox Improper Authentication, Missing Authentication for Critical Function, Improper Authorization vulnerability in Profelis Informatics and Consulting PassBox allows Authentication Abuse.This issue affects PassBox: before v1.2. | 9.8 |
| 2024-08-07 | CVE-2024-7578 | Improper Authorization vulnerability in Alientechnology Alr-F800 Firmware A vulnerability was found in Alien Technology ALR-F800 up to 19.10.24.00. | 9.8 |
| 2024-06-13 | CVE-2024-34104 | Improper Authorization vulnerability in Adobe Commerce and Magento Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. | 8.2 |
| 2024-05-01 | CVE-2023-47166 | A firmware update vulnerability exists in the luci2-io file-import functionality of Milesight UR32L v32.3.0.7-r2. | 8.8 |
| 2024-03-12 | CVE-2024-21761 | Improper Authorization vulnerability in Fortinet Fortiportal An improper authorization vulnerability [CWE-285] in FortiPortal version 7.2.0, and versions 7.0.6 and below reports may allow a user to download other organizations reports via modification in the request payload. | 4.3 |
| 2024-02-07 | CVE-2024-23806 | Improper Authorization vulnerability in Hidglobal products Sensitive data can be extracted from HID iCLASS SE reader configuration cards. | 5.3 |
| 2024-01-19 | CVE-2023-40683 | Improper Authorization vulnerability in IBM Openpages With Watson 9.0 IBM OpenPages with Watson 8.3 and 9.0 could allow remote attacker to bypass security restrictions, caused by insufficient authorization checks. | 8.8 |
| 2024-01-12 | CVE-2022-4962 | Improper Authorization vulnerability in Apolloconfig Apollo 2.0.0/2.0.1 A vulnerability was found in Apollo 2.0.0/2.0.1 and classified as problematic. | 4.3 |
| 2023-12-29 | CVE-2023-52139 | Improper Authorization vulnerability in Misskey Misskey is an open source, decentralized social media platform. | 9.6 |