Vulnerabilities > Incorrect Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-10 | CVE-2024-27848 | Incorrect Authorization vulnerability in Apple Ipados and Macos This issue was addressed with improved permissions checking. | 7.8 |
| 2024-06-08 | CVE-2024-4146 | Incorrect Authorization vulnerability in Lunary 1.2.13 In lunary-ai/lunary version v1.2.13, an incorrect authorization vulnerability exists that allows unauthorized users to access and manipulate projects within an organization they should not have access to. | 9.8 |
| 2024-06-06 | CVE-2024-37154 | Incorrect Authorization vulnerability in Evmos Evmos is the Ethereum Virtual Machine (EVM) Hub on the Cosmos Network. | 5.3 |
| 2024-06-05 | CVE-2024-23669 | Incorrect Authorization vulnerability in Fortinet Fortiwebmanager An improper authorization in Fortinet FortiWebManager version 7.2.0 and 7.0.0 through 7.0.4 and 6.3.0 and 6.2.3 through 6.2.4 and 6.0.2 allows attacker to execute unauthorized code or commands via HTTP requests or CLI. | 8.8 |
| 2024-05-29 | CVE-2024-36364 | Incorrect Authorization vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 improper access control in Pull Requests and Commit status publisher build features was possible | 6.5 |
| 2024-05-29 | CVE-2024-36365 | Incorrect Authorization vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5, 2024.03.2 a third-party agent could impersonate a cloud agent | 8.1 |
| 2024-05-27 | CVE-2024-36037 | Incorrect Authorization vulnerability in Zohocorp Manageengine Adaudit Plus Zoho ManageEngine ADAudit Plus versions 7260 and below allows unauthorized local agent machine users to view the session recordings. | 5.5 |
| 2024-05-23 | CVE-2024-5258 | Incorrect Authorization vulnerability in Gitlab An authorization vulnerability exists within GitLab from versions 16.10 before 16.10.6, 16.11 before 16.11.3, and 17.0 before 17.0.1 where an authenticated attacker could utilize a crafted naming convention to bypass pipeline authorization logic. | 4.3 |
| 2024-05-20 | CVE-2024-27312 | Incorrect Authorization vulnerability in Zohocorp Manageengine Pam360 Zohocorp ManageEngine PAM360 version 6601 is vulnerable to authorization vulnerability which allows a low-privileged user to perform admin actions. | 8.1 |
| 2024-05-14 | CVE-2024-27798 | Incorrect Authorization vulnerability in Apple Macos An authorization issue was addressed with improved state management. | 7.8 |