Vulnerabilities > Incorrect Authorization

DATE CVE VULNERABILITY TITLE RISK
2022-06-23 CVE-2022-22967 Incorrect Authorization vulnerability in Saltstack Salt
An issue was discovered in SaltStack Salt in versions before 3002.9, 3003.5, 3004.2.
network
low complexity
saltstack CWE-863
6.5
2022-06-23 CVE-2022-34175 Incorrect Authorization vulnerability in Jenkins
Jenkins 2.335 through 2.355 (both inclusive) allows attackers in some cases to bypass a protection mechanism, thereby directly accessing some view fragments containing sensitive information, bypassing any permission checks in the corresponding view.
network
low complexity
jenkins CWE-863
5.0
2022-06-20 CVE-2017-20066 Incorrect Authorization vulnerability in Adminer Login Project Adminer Login 1.4.4
A vulnerability has been found in Adminer Login 1.4.4 and classified as problematic.
local
low complexity
adminer-login-project CWE-863
4.6
2022-06-20 CVE-2022-33913 Incorrect Authorization vulnerability in Mahara
In Mahara 21.04 before 21.04.6, 21.10 before 21.10.4, and 22.04.2, files can sometimes be downloaded through thumb.php with no permission check.
network
mahara CWE-863
4.3
2022-06-20 CVE-2022-1801 Incorrect Authorization vulnerability in Very Simple Contact Form Project Very Simple Contact Form
The Very Simple Contact Form WordPress plugin before 11.6 exposes the solution to the captcha in the rendered contact form, both as hidden input fields and as plain text in the page, making it very easy for bots to bypass the captcha check, rendering the page a likely target for spam bots.
network
low complexity
very-simple-contact-form-project CWE-863
5.0
2022-06-20 CVE-2022-26668 Incorrect Authorization vulnerability in Asus Control Center 1.4.2.5
ASUS Control Center API has a broken access control vulnerability.
network
low complexity
asus CWE-863
6.4
2022-06-17 CVE-2022-31876 Incorrect Authorization vulnerability in Netgear Wnap320 Firmware 2.0.3
netgear wnap320 router WNAP320_V2.0.3_firmware is vulnerable to Incorrect Access Control via /recreate.php, which can leak all users cookies.
network
low complexity
netgear CWE-863
5.0
2022-06-16 CVE-2022-27511 Incorrect Authorization vulnerability in Citrix Application Delivery Management
Corruption of the system by a remote, unauthenticated user.
network
low complexity
citrix CWE-863
7.8
2022-06-15 CVE-2022-30164 Incorrect Authorization vulnerability in Microsoft products
Kerberos AppContainer Security Feature Bypass Vulnerability.
local
low complexity
microsoft CWE-863
4.6
2022-06-15 CVE-2022-28749 Incorrect Authorization vulnerability in Zoom On-Premise Meeting Connector Multimedia Router 4.8.113.20220526
Zooms On-Premise Meeting Connector MMR before version 4.8.113.20220526 fails to properly check the permissions of a Zoom meeting attendee.
network
low complexity
zoom CWE-863
4.0