Vulnerabilities > Incorrect Authorization

DATE CVE VULNERABILITY TITLE RISK
2024-06-19 CVE-2024-38329 Incorrect Authorization vulnerability in IBM Storage Protect for Virtual Environments
IBM Storage Protect for Virtual Environments: Data Protection for VMware 8.1.0.0 through 8.1.22.0 could allow a remote authenticated attacker to bypass security restrictions, caused by improper validation of user permission.
network, low complexity, ibm, CWE-863, 7.7
2024-06-18 CVE-2024-5860 Incorrect Authorization vulnerability in Tickera
The Tickera – WordPress Event Ticketing plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the tc_dl_delete_tickets AJAX action in all versions up to, and including, 3.5.2.8.
network, low complexity, tickera, CWE-863, 4.3
2024-06-13 CVE-2024-34130 Incorrect Authorization vulnerability in Adobe Acrobat Reader 20.6.0/20.6.2/20.9.0
Acrobat Mobile Sign Android versions 24.4.2.33155 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass.
local, low complexity, adobe, CWE-863, 5.5
2024-06-13 CVE-2024-34106 Incorrect Authorization vulnerability in Adobe Commerce and Magento
Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass.
network, low complexity, adobe, CWE-863, 5.3
2024-06-12 CVE-2024-36265 Incorrect Authorization vulnerability in Apache Submarine 0.8.0
** UNSUPPORTED WHEN ASSIGNED ** Incorrect Authorization vulnerability in Apache Submarine Server Core. This issue affects Apache Submarine Server Core: from 0.8.0. As this project is retired, we do not plan to release a version that fixes this issue.
network, low complexity, apache, CWE-863, critical 9.8
2024-06-12 CVE-2024-2698 Incorrect Authorization vulnerability in FreeIPA 4.11.0/4.11.1/4.12.0
A vulnerability was found in FreeIPA in how the initial implementation of MS-SFU by MIT Kerberos was missing a condition for granting the "forwardable" flag on S4U2Self tickets.
network, low complexity, freeipa, CWE-863, 8.8
2024-06-12 CVE-2024-0160 Incorrect Authorization vulnerability in Dell products
Dell Client Platform contains an incorrect authorization vulnerability.
low complexity, dell, CWE-863, 6.8
2024-06-11 CVE-2024-31402 Incorrect Authorization vulnerability in Cybozu Garoon
Incorrect authorization vulnerability in Cybozu Garoon 5.0.0 to 5.15.2 allows a remote authenticated attacker to delete the data of Shared To-Dos.
network, low complexity, cybozu, CWE-863, 4.3
2024-06-10 CVE-2024-27848 Incorrect Authorization vulnerability in Apple iPadOS and macOS
This issue was addressed with improved permissions checking.
local, low complexity, apple, CWE-863, 7.8
2024-06-08 CVE-2024-4146 Incorrect Authorization vulnerability in Lunary 1.2.13
In lunary-ai/lunary version v1.2.13, an incorrect authorization vulnerability exists that allows unauthorized users to access and manipulate projects within an organization they should not have access to.
network, low complexity, lunary, CWE-863, critical 9.8