Vulnerabilities > Incorrect Authorization
DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
---|---|---|---|---|
2024-01-30 | CVE-2024-22938 | Incorrect Authorization vulnerability in Bosscms 1.3.0 | Insecure Permissions vulnerability in BossCMS v.1.3.0 allows a local attacker to execute arbitrary code and escalate privileges via the init function in admin.class.php component. | 7.8 |
2024-01-23 | CVE-2023-44401 | Incorrect Authorization vulnerability in Silverstripe Graphql | The Silverstripe CMS GraphQL Server serves Silverstripe data as GraphQL representations. | 5.3 |
2024-01-23 | CVE-2023-49783 | Incorrect Authorization vulnerability in Silverstripe Admin | Silverstripe Admin provides a basic management interface for the Silverstripe Framework. | 4.3 |
2024-01-22 | CVE-2024-23675 | Incorrect Authorization vulnerability in Splunk Cloud and Splunk | In Splunk Enterprise versions below 9.0.8 and 9.1.3, Splunk app key value store (KV Store) improperly handles permissions for users that use the REST application programming interface (API). | 6.5 |
2024-01-19 | CVE-2024-23329 | Incorrect Authorization vulnerability in Changedetection | changedetection.io is an open source tool designed to monitor websites for content changes. | 3.7 |
2024-01-16 | CVE-2022-0775 | Incorrect Authorization vulnerability in Woocommerce | The WooCommerce WordPress plugin before 6.2.1 does not have a proper authorisation check when deleting reviews, which could allow any authenticated user, such as a subscriber, to delete an arbitrary comment. | 4.3 |
2024-01-16 | CVE-2023-52111 | Incorrect Authorization vulnerability in Huawei Emui and Harmonyos | Authorization vulnerability in the BootLoader module. | 7.5 |
2024-01-12 | CVE-2023-5356 | Incorrect Authorization vulnerability in Gitlab | Incorrect authorization checks in GitLab CE/EE from all versions starting from 8.13 before 16.5.6, all versions starting from 16.6 before 16.6.4, all versions starting from 16.7 before 16.7.2, allows a user to abuse slack/mattermost integrations to execute slash commands as another user. | 8.8 |
2024-01-09 | CVE-2024-21736 | Incorrect Authorization vulnerability in SAP S/4Hana Finance 107/128 | SAP S/4HANA Finance for (Advanced Payment Management) - versions SAPSCORE 128, S4CORE 107, does not perform necessary authorization checks. | 6.5 |
2024-01-09 | CVE-2024-21735 | Incorrect Authorization vulnerability in SAP LT Replication Server | SAP LT Replication Server - version S4CORE 103, S4CORE 104, S4CORE 105, S4CORE 106, S4CORE 107, S4CORE 108, does not perform necessary authorization checks. | 7.2 |