Vulnerabilities > Incorrect Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-07 | CVE-2024-24824 | Incorrect Authorization vulnerability in Graylog Graylog is a free and open log management platform. | 8.8 |
| 2024-02-06 | CVE-2024-20828 | Incorrect Authorization vulnerability in Samsung Internet Improper authorization verification vulnerability in Samsung Internet prior to version 24.0 allows physical attackers to access files downloaded in SecretMode without proper authentication. | 4.6 |
| 2024-02-05 | CVE-2023-6963 | Incorrect Authorization vulnerability in Motopress Getwid The Getwid – Gutenberg Blocks plugin for WordPress is vulnerable to CAPTCHA Bypass in versions up to, and including, 2.0.4. | 5.3 |
| 2024-02-02 | CVE-2023-32967 | Incorrect Authorization vulnerability in Qnap QTS and Qutscloud An incorrect authorization vulnerability has been reported to affect several QNAP operating system versions. | 6.5 |
| 2024-01-31 | CVE-2024-24573 | Incorrect Authorization vulnerability in Facilemanager facileManager is a modular suite of web apps built with the sysadmin in mind. | 8.8 |
| 2024-01-30 | CVE-2024-22938 | Incorrect Authorization vulnerability in Bosscms 1.3.0 Insecure Permissions vulnerability in BossCMS v.1.3.0 allows a local attacker to execute arbitrary code and escalate privileges via the init function in admin.class.php component. | 7.8 |
| 2024-01-22 | CVE-2024-23675 | Incorrect Authorization vulnerability in Splunk Cloud and Splunk In Splunk Enterprise versions below 9.0.8 and 9.1.3, Splunk app key value store (KV Store) improperly handles permissions for users that use the REST application programming interface (API). | 6.5 |
| 2024-01-16 | CVE-2022-0775 | Incorrect Authorization vulnerability in Woocommerce The WooCommerce WordPress plugin before 6.2.1 does not have proper authorisation check when deleting reviews, which could allow any authenticated users, such as subscriber to delete arbitrary comment | 4.3 |
| 2024-01-16 | CVE-2023-52111 | Incorrect Authorization vulnerability in Huawei Emui and Harmonyos Authorization vulnerability in the BootLoader module. | 7.5 |
| 2024-01-12 | CVE-2023-5356 | Incorrect Authorization vulnerability in Gitlab Incorrect authorization checks in GitLab CE/EE from all versions starting from 8.13 before 16.5.6, all versions starting from 16.6 before 16.6.4, all versions starting from 16.7 before 16.7.2, allows a user to abuse slack/mattermost integrations to execute slash commands as another user. | 8.8 |