Vulnerabilities > Incorrect Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-12 | CVE-2023-6036 | Incorrect Authorization vulnerability in Miniorange Web3 - Crypto Wallet Login & NFT Token Gating The Web3 WordPress plugin before 3.0.0 is vulnerable to an authentication bypass due to incorrect authentication checking in the login flow in functions 'handle_auth_request' and 'hadle_login_request'. | 9.8 |
| 2024-02-09 | CVE-2024-24774 | Incorrect Authorization vulnerability in Mattermost Server Mattermost Jira Plugin handling subscriptions fails to check the security level of an incoming issue or limit it based on the user who created the subscription resulting in registered users on Jira being able to create webhooks that give them access to all Jira issues. | 4.1 |
| 2024-02-07 | CVE-2024-24824 | Incorrect Authorization vulnerability in Graylog Graylog is a free and open log management platform. | 8.8 |
| 2024-02-06 | CVE-2024-20828 | Incorrect Authorization vulnerability in Samsung Internet Improper authorization verification vulnerability in Samsung Internet prior to version 24.0 allows physical attackers to access files downloaded in SecretMode without proper authentication. | 4.6 |
| 2024-02-05 | CVE-2023-6963 | Incorrect Authorization vulnerability in Motopress Getwid - Gutenberg Blocks 1.8.3/2.0.3 The Getwid – Gutenberg Blocks plugin for WordPress is vulnerable to CAPTCHA Bypass in versions up to, and including, 2.0.4. | 5.3 |
| 2024-02-05 | CVE-2024-22208 | Incorrect Authorization vulnerability in PHPmyfaq phpMyFAQ is an Open Source FAQ web application for PHP 8.1+ and MySQL, PostgreSQL and other databases. | 6.5 |
| 2024-02-02 | CVE-2023-32967 | Incorrect Authorization vulnerability in Qnap QTS and Qutscloud An incorrect authorization vulnerability has been reported to affect several QNAP operating system versions. | 6.5 |
| 2024-02-02 | CVE-2023-47142 | Incorrect Authorization vulnerability in IBM Tivoli Application Dependency Discovery Manager IBM Tivoli Application Dependency Discovery Manager 7.3.0.0 through 7.3.0.10 could allow an attacker on the organization's local network to escalate their privileges due to unauthorized API access. | 8.8 |
| 2024-01-31 | CVE-2024-24573 | Incorrect Authorization vulnerability in Facilemanager facileManager is a modular suite of web apps built with the sysadmin in mind. | 8.8 |
| 2024-01-31 | CVE-2024-23653 | Incorrect Authorization vulnerability in Mobyproject Buildkit BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. | 9.8 |