Vulnerabilities > Incorrect Authorization

| Date | CVE | Vulnerability title | Description | Attack vector | Complexity | Vendor | CWE | Risk |
|---|---|---|---|---|---|---|---|---|
| 2024-05-20 | CVE-2024-27312 | Incorrect Authorization vulnerability in Zohocorp ManageEngine PAM360 | Zohocorp ManageEngine PAM360 version 6601 is vulnerable to an authorization vulnerability which allows a low-privileged user to perform admin actions. | network | low | zohocorp | CWE-863 | 8.1 |
| 2024-05-14 | CVE-2024-27798 | Incorrect Authorization vulnerability in Apple macOS | An authorization issue was addressed with improved state management. | local | low | apple | CWE-863 | 7.8 |
| 2024-04-25 | CVE-2024-4006 | Incorrect Authorization vulnerability in GitLab | An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.7 before 16.9.6, all versions starting from 16.10 before 16.10.4, all versions starting from 16.11 before 16.11.1 where personal access scopes were not honored by GraphQL subscriptions. | network | low | gitlab | CWE-863 | 4.3 |
| 2024-04-04 | CVE-2024-30260 | Incorrect Authorization vulnerability in multiple products | Undici is an HTTP/1.1 client, written from scratch for Node.js. | network | low | nodejs fedoraproject | CWE-863 | 4.3 |
| 2024-03-28 | CVE-2024-31134 | Incorrect Authorization vulnerability in JetBrains TeamCity | In JetBrains TeamCity before 2024.03, authenticated users without administrative permissions could register other users when self-registration was disabled. | network | low | jetbrains | CWE-863 | 6.5 |
| 2024-03-07 | CVE-2024-28229 | Incorrect Authorization vulnerability in JetBrains YouTrack | In JetBrains YouTrack before 2024.1.25893, a user without appropriate permissions could restore issues and articles. | network | low | jetbrains | CWE-863 | 6.5 |
| 2024-03-07 | CVE-2024-0199 | Incorrect Authorization vulnerability in GitLab | An authorization bypass vulnerability was discovered in GitLab affecting versions 11.3 prior to 16.7.7, 16.7.6 prior to 16.8.4, and 16.8.3 prior to 16.9.2. | network | low | gitlab | CWE-863 | 8.0 |
| 2024-03-06 | CVE-2024-24761 | Incorrect Authorization vulnerability in Galette 1.0.0/1.0.1 | Galette is a membership management web application for non profit organizations. | network | low | galette | CWE-863 | 7.5 |
| 2024-03-06 | CVE-2024-28174 | Incorrect Authorization vulnerability in JetBrains TeamCity | In JetBrains TeamCity before 2023.11.4, presigned URL generation requests in S3 Artifact Storage plugin were authorized improperly. | network | low | jetbrains | CWE-863 | 5.8 |
| 2024-02-21 | CVE-2023-42860 | Incorrect Authorization vulnerability in Apple macOS | A permissions issue was addressed with additional restrictions. | local | low | apple | CWE-863 | 5.5 |