Vulnerabilities > Improper Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-03-12 | CVE-2024-21761 | Improper Authorization vulnerability in Fortinet Fortiportal An improper authorization vulnerability [CWE-285] in FortiPortal version 7.2.0, and versions 7.0.6 and below reports may allow a user to download other organizations reports via modification in the request payload. | 4.3 |
| 2024-01-12 | CVE-2022-4962 | Improper Authorization vulnerability in Apolloconfig Apollo 2.0.0/2.0.1 A vulnerability was found in Apollo 2.0.0/2.0.1 and classified as problematic. | 4.3 |
| 2024-01-09 | CVE-2024-21736 | Improper Authorization vulnerability in SAP S/4Hana Finance 107/128 SAP S/4HANA Finance for (Advanced Payment Management) - versions SAPSCORE 128, S4CORE 107, does not perform necessary authorization checks. | 6.5 |
| 2023-12-29 | CVE-2023-52139 | Improper Authorization vulnerability in Misskey Misskey is an open source, decentralized social media platform. | 9.6 |
| 2023-12-13 | CVE-2023-41673 | Improper Authorization vulnerability in Fortinet Fortiadc An improper authorization vulnerability [CWE-285] in Fortinet FortiADC version 7.4.0 and before 7.2.2 may allow a low privileged user to read or backup the full system configuration via HTTP or HTTPS requests. | 5.4 |
| 2023-11-03 | CVE-2023-5948 | Improper Authorization vulnerability in Teamamaze Amaze File Utilities Improper Authorization in GitHub repository teamamaze/amazefileutilities prior to 1.91. | 5.5 |
| 2023-10-25 | CVE-2023-42491 | Improper Authorization vulnerability in Busbaer Eisbaer Scada EisBaer Scada - CWE-285: Improper Authorization | 9.8 |
| 2023-10-13 | CVE-2023-38220 | Improper Authorization vulnerability in Adobe Commerce and Magento Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier) and 2.4.4-p5 (and earlier) are affected by an Improper Authorization vulnerability that could lead in a security feature bypass in a way that an attacker could access unauthorised data. | 7.5 |
| 2023-09-27 | CVE-2023-42453 | Improper Authorization vulnerability in multiple products Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. | 4.3 |
| 2023-09-27 | CVE-2023-28055 | Improper Authorization vulnerability in Dell Networker Dell NetWorker, Version 19.7 has an improper authorization vulnerability in the NetWorker client. | 8.8 |