Vulnerabilities > Incorrect Authorization

DATE	CVE	VULNERABILITY TITLE	RISK
2024-04-10	CVE-2024-1741	Incorrect Authorization vulnerability in Lunary lunary-ai/lunary version 1.0.1 is vulnerable to improper authorization, allowing removed members to read, create, modify, and delete prompt templates using an old authorization token. network low complexity lunary CWE-863 critical	9.1
2024-04-10	CVE-2024-3388	Incorrect Authorization vulnerability in Paloaltonetworks Pan-Os A vulnerability in the GlobalProtect Gateway in Palo Alto Networks PAN-OS software enables an authenticated attacker to impersonate another user and send network packets to internal assets. network low complexity paloaltonetworks CWE-863	5.0
2024-04-04	CVE-2024-30260	Incorrect Authorization vulnerability in multiple products Undici is an HTTP/1.1 client, written from scratch for Node.js. network low complexity nodejs fedoraproject CWE-863	4.3
2024-03-28	CVE-2024-31134	Incorrect Authorization vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2024.03 authenticated users without administrative permissions could register other users when self-registration was disabled network low complexity jetbrains CWE-863	6.5
2024-03-27	CVE-2024-29892	Incorrect Authorization vulnerability in Zitadel ZITADEL, open source authentication management software, uses Go templates to render the login UI. network low complexity zitadel CWE-863	4.9
2024-03-27	CVE-2024-23451	Incorrect Authorization vulnerability in Elastic Elasticsearch Incorrect Authorization issue exists in the API key based security model for Remote Cluster Security, which is currently in Beta, in Elasticsearch 8.10.0 and before 8.13.0. network low complexity elastic CWE-863	6.5
2024-03-21	CVE-2024-27933	Incorrect Authorization vulnerability in Deno 1.39.0 Deno is a JavaScript, TypeScript, and WebAssembly runtime. local low complexity deno CWE-863	8.8
2024-03-17	CVE-2024-2557	Incorrect Authorization vulnerability in Kishor-23 Food Waste Management System 1.0 A vulnerability was found in kishor-23 Food Waste Management System 1.0. network low complexity kishor-23 CWE-863 critical	9.1
2024-03-07	CVE-2024-28229	Incorrect Authorization vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2024.1.25893 user without appropriate permissions could restore issues and articles network low complexity jetbrains CWE-863	6.5
2024-03-07	CVE-2024-0199	Incorrect Authorization vulnerability in Gitlab An authorization bypass vulnerability was discovered in GitLab affecting versions 11.3 prior to 16.7.7, 16.7.6 prior to 16.8.4, and 16.8.3 prior to 16.9.2. network low complexity gitlab CWE-863	8.0

Vulnerabilities > Incorrect Authorization {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Incorrect Authorization"}]}

Vulnerabilities > Incorrect Authorization