Vulnerabilities > Incorrect Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-04-25 | CVE-2024-4006 | Incorrect Authorization vulnerability in Gitlab An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.7 before 16.9.6, all versions starting from 16.10 before 16.10.4, all versions starting from 16.11 before 16.11.1 where personal access scopes were not honored by GraphQL subscriptions | 4.3 |
| 2024-04-15 | CVE-2024-31990 | Incorrect Authorization vulnerability in Argoproj Argo CD Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. | 6.3 |
| 2024-04-10 | CVE-2024-1741 | Incorrect Authorization vulnerability in Lunary lunary-ai/lunary version 1.0.1 is vulnerable to improper authorization, allowing removed members to read, create, modify, and delete prompt templates using an old authorization token. | 9.1 |
| 2024-04-10 | CVE-2024-3388 | Incorrect Authorization vulnerability in Paloaltonetworks Pan-Os A vulnerability in the GlobalProtect Gateway in Palo Alto Networks PAN-OS software enables an authenticated attacker to impersonate another user and send network packets to internal assets. | 5.0 |
| 2024-04-04 | CVE-2024-30260 | Incorrect Authorization vulnerability in multiple products Undici is an HTTP/1.1 client, written from scratch for Node.js. | 4.3 |
| 2024-03-28 | CVE-2024-31134 | Incorrect Authorization vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2024.03 authenticated users without administrative permissions could register other users when self-registration was disabled | 6.5 |
| 2024-03-27 | CVE-2024-29892 | Incorrect Authorization vulnerability in Zitadel ZITADEL, open source authentication management software, uses Go templates to render the login UI. | 4.9 |
| 2024-03-21 | CVE-2024-27933 | Incorrect Authorization vulnerability in Deno 1.39.0 Deno is a JavaScript, TypeScript, and WebAssembly runtime. | 8.8 |
| 2024-03-07 | CVE-2024-28229 | Incorrect Authorization vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2024.1.25893 user without appropriate permissions could restore issues and articles | 6.5 |
| 2024-03-07 | CVE-2024-0199 | Incorrect Authorization vulnerability in Gitlab An authorization bypass vulnerability was discovered in GitLab affecting versions 11.3 prior to 16.7.7, 16.7.6 prior to 16.8.4, and 16.8.3 prior to 16.9.2. | 8.0 |