Vulnerabilities > Incorrect Authorization
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-02-09 | CVE-2024-24774 | Incorrect Authorization vulnerability in Mattermost Server 5.23.0 Mattermost Jira Plugin handling subscriptions fails to check the security level of an incoming issue or limit it based on the user who created the subscription resulting in registered users on Jira being able to create webhooks that give them access to all Jira issues. | 4.1 |
2024-02-07 | CVE-2024-24824 | Incorrect Authorization vulnerability in Graylog Graylog is a free and open log management platform. | 8.8 |
2024-02-06 | CVE-2024-20828 | Incorrect Authorization vulnerability in Samsung Internet Improper authorization verification vulnerability in Samsung Internet prior to version 24.0 allows physical attackers to access files downloaded in SecretMode without proper authentication. | 4.6 |
2024-02-05 | CVE-2023-6963 | Incorrect Authorization vulnerability in Motopress Getwid - Gutenberg Blocks 1.8.3/2.0.3 The Getwid – Gutenberg Blocks plugin for WordPress is vulnerable to CAPTCHA Bypass in versions up to, and including, 2.0.4. | 5.3 |
2024-02-05 | CVE-2024-22208 | Incorrect Authorization vulnerability in PHPmyfaq phpMyFAQ is an Open Source FAQ web application for PHP 8.1+ and MySQL, PostgreSQL and other databases. | 6.5 |
2024-02-02 | CVE-2023-32967 | Incorrect Authorization vulnerability in Qnap QTS and Qutscloud An incorrect authorization vulnerability has been reported to affect several QNAP operating system versions. | 6.5 |
2024-01-31 | CVE-2024-24573 | Incorrect Authorization vulnerability in Facilemanager facileManager is a modular suite of web apps built with the sysadmin in mind. | 8.8 |
2024-01-31 | CVE-2024-23653 | Incorrect Authorization vulnerability in Mobyproject Buildkit BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. | 9.8 |
2024-01-30 | CVE-2024-22938 | Incorrect Authorization vulnerability in Bosscms 1.3.0 Insecure Permissions vulnerability in BossCMS v.1.3.0 allows a local attacker to execute arbitrary code and escalate privileges via the init function in admin.class.php component. | 7.8 |
2024-01-23 | CVE-2023-44401 | Incorrect Authorization vulnerability in Silverstripe Graphql The Silverstripe CMS GraphQL Server serves Silverstripe data as GraphQL representations. | 5.3 |