Vulnerabilities > Incorrect Authorization

DATE	CVE	VULNERABILITY TITLE	RISK
2023-12-06	CVE-2023-48859	Incorrect Authorization vulnerability in Totolink A3002Ru Firmware 2.0.0B20190902.1958 TOTOLINK A3002RU version 2.0.0-B20190902.1958 has a post-authentication RCE due to incorrect access control, allows attackers to bypass front-end security restrictions and execute arbitrary code. network low complexity totolink CWE-863	8.8
2023-12-06	CVE-2023-49239	Incorrect Authorization vulnerability in Huawei Emui and Harmonyos Unauthorized access vulnerability in the card management module. network low complexity huawei CWE-863	7.5
2023-12-06	CVE-2023-49240	Incorrect Authorization vulnerability in Huawei Emui and Harmonyos Unauthorized access vulnerability in the launcher module. network low complexity huawei CWE-863	7.5
2023-12-05	CVE-2023-33071	Incorrect Authorization vulnerability in Qualcomm products Memory corruption in Automotive OS whenever untrusted apps try to access HAb for graphics functionalities. local low complexity qualcomm CWE-863	7.8
2023-12-05	CVE-2023-42569	Incorrect Authorization vulnerability in Samsung Android 11.0/13.0 Improper authorization verification vulnerability in AR Emoji prior to SMR Dec-2023 Release 1 allows attackers to read sandbox data of AR Emoji. local low complexity samsung CWE-863	3.3
2023-12-05	CVE-2023-42575	Incorrect Authorization vulnerability in Samsung Pass 4.0.05.1/4.2.03.1 Improper Authentication vulnerability in Samsung Pass prior to version 4.3.00.17 allows physical attackers to bypass authentication due to invalid flag setting. low complexity samsung CWE-863	6.8
2023-12-03	CVE-2023-49947	Incorrect Authorization vulnerability in Forgejo Forgejo before 1.20.5-1 allows 2FA bypass when docker login uses Basic Authentication. network low complexity forgejo CWE-863	7.5
2023-12-01	CVE-2023-42006	Incorrect Authorization vulnerability in IBM I IBM Administration Runtime Expert for i 7.2, 7.3, 7.4, and 7.5 could allow a local user to obtain sensitive information caused by improper authority checks. local low complexity ibm CWE-863	5.5
2023-11-30	CVE-2023-47827	Incorrect Authorization vulnerability in Nicheaddons Events Addon for Elementor Incorrect Authorization vulnerability in NicheAddons Events Addon for Elementor allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Events Addon for Elementor: from n/a through 2.1.3. network low complexity nicheaddons CWE-863	7.5
2023-11-27	CVE-2023-40610	Incorrect Authorization vulnerability in Apache Superset Improper authorization check and possible privilege escalation on Apache Superset up to but excluding 2.1.2. network low complexity apache CWE-863	8.8

Vulnerabilities > Incorrect Authorization {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Incorrect Authorization"}]}

Vulnerabilities > Incorrect Authorization