Vulnerabilities > Incorrect Authorization
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-06-23 | CVE-2022-22967 | Incorrect Authorization vulnerability in Saltstack Salt An issue was discovered in SaltStack Salt in versions before 3002.9, 3003.5, 3004.2. | 6.5 |
2022-06-23 | CVE-2022-34175 | Incorrect Authorization vulnerability in Jenkins Jenkins 2.335 through 2.355 (both inclusive) allows attackers in some cases to bypass a protection mechanism, thereby directly accessing some view fragments containing sensitive information, bypassing any permission checks in the corresponding view. | 5.0 |
2022-06-20 | CVE-2017-20066 | Incorrect Authorization vulnerability in Adminer Login Project Adminer Login 1.4.4 A vulnerability has been found in Adminer Login 1.4.4 and classified as problematic. | 4.6 |
2022-06-20 | CVE-2022-33913 | Incorrect Authorization vulnerability in Mahara In Mahara 21.04 before 21.04.6, 21.10 before 21.10.4, and 22.04.2, files can sometimes be downloaded through thumb.php with no permission check. | 4.3 |
2022-06-20 | CVE-2022-1801 | Incorrect Authorization vulnerability in Very Simple Contact Form Project Very Simple Contact Form The Very Simple Contact Form WordPress plugin before 11.6 exposes the solution to the captcha in the rendered contact form, both as hidden input fields and as plain text in the page, making it very easy for bots to bypass the captcha check, rendering the page a likely target for spam bots. | 5.0 |
2022-06-20 | CVE-2022-26668 | Incorrect Authorization vulnerability in Asus Control Center 1.4.2.5 ASUS Control Center API has a broken access control vulnerability. | 6.4 |
2022-06-17 | CVE-2022-31876 | Incorrect Authorization vulnerability in Netgear Wnap320 Firmware 2.0.3 netgear wnap320 router WNAP320_V2.0.3_firmware is vulnerable to Incorrect Access Control via /recreate.php, which can leak all users cookies. | 5.0 |
2022-06-16 | CVE-2022-27511 | Incorrect Authorization vulnerability in Citrix Application Delivery Management Corruption of the system by a remote, unauthenticated user. | 7.8 |
2022-06-15 | CVE-2022-30164 | Incorrect Authorization vulnerability in Microsoft products Kerberos AppContainer Security Feature Bypass Vulnerability. | 4.6 |
2022-06-15 | CVE-2022-28749 | Incorrect Authorization vulnerability in Zoom On-Premise Meeting Connector Multimedia Router 4.8.113.20220526 Zooms On-Premise Meeting Connector MMR before version 4.8.113.20220526 fails to properly check the permissions of a Zoom meeting attendee. | 4.0 |