Vulnerabilities > Incorrect Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-06 | CVE-2024-37154 | Incorrect Authorization vulnerability in Evmos Evmos is the Ethereum Virtual Machine (EVM) Hub on the Cosmos Network. | 5.3 |
| 2024-06-06 | CVE-2024-3033 | Incorrect Authorization vulnerability in Mintplexlabs Anythingllm 0.0.1/0.1.0 An improper authorization vulnerability exists in the mintplex-labs/anything-llm application, specifically within the '/api/v/' endpoint and its sub-routes. | 9.4 |
| 2024-06-06 | CVE-2024-5324 | Incorrect Authorization vulnerability in Xootix products The Login/Signup Popup ( Inline Form + Woocommerce ) plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'import_settings' function in versions 2.7.1 to 2.7.2. | 8.8 |
| 2024-06-05 | CVE-2024-23669 | Incorrect Authorization vulnerability in Fortinet Fortiwebmanager An improper authorization in Fortinet FortiWebManager version 7.2.0 and 7.0.0 through 7.0.4 and 6.3.0 and 6.2.3 through 6.2.4 and 6.0.2 allows attacker to execute unauthorized code or commands via HTTP requests or CLI. | 8.8 |
| 2024-05-18 | CVE-2024-3745 | MSI Afterburner v4.6.6.16381 Beta 3 is vulnerable to an ACL Bypass vulnerability in the RTCore64.sys driver, which leads to triggering vulnerabilities like CVE-2024-1443 and CVE-2024-1460 from a low privileged user. | 7.8 |
| 2024-04-26 | CVE-2023-50363 | Incorrect Authorization vulnerability in Qnap QTS and Quts Hero An incorrect authorization vulnerability has been reported to affect several QNAP operating system versions. | 8.1 |
| 2024-02-13 | CVE-2023-6152 | Incorrect Authorization vulnerability in Grafana A user changing their email after signing up and verifying it can change it without verification in profile settings. The configuration option "verify_email_enabled" will only validate email only on sign up. | 5.4 |
| 2024-02-13 | CVE-2024-24751 | Incorrect Authorization vulnerability in Derhansen Event Management and Registration 7.0.0 sf_event_mgt is an event management and registration extension for the TYPO3 CMS based on ExtBase and Fluid. | 8.8 |
| 2024-02-12 | CVE-2024-23833 | Incorrect Authorization vulnerability in Openrefine OpenRefine is a free, open source power tool for working with messy data and improving it. | 7.5 |
| 2024-02-12 | CVE-2024-25108 | Incorrect Authorization vulnerability in Pixelfed Pixelfed is an open source photo sharing platform. | 8.8 |