Vulnerabilities > Incorrect Authorization

DATE	CVE	VULNERABILITY TITLE	RISK
2024-12-20	CVE-2024-56348	Incorrect Authorization vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2024.12 improper access control allowed viewing details of unauthorized agents network low complexity jetbrains CWE-863	4.3
2024-12-20	CVE-2024-56350	Incorrect Authorization vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2024.12 build credentials allowed unauthorized viewing of projects network low complexity jetbrains CWE-863	4.3
2024-12-20	CVE-2024-12831	Incorrect Authorization vulnerability in Arista NG Firewall 17.1.1 Arista NG Firewall uvm_login Incorrect Authorization Privilege Escalation Vulnerability. local low complexity arista CWE-863	7.8
2024-12-17	CVE-2024-12539	Incorrect Authorization vulnerability in Elastic Elasticsearch 8.16.0/8.16.1 An issue was discovered where improper authorization controls affected certain queries that could allow a malicious actor to circumvent Document Level Security in Elasticsearch and get access to documents that their roles would normally not allow. network low complexity elastic CWE-863	6.5
2024-12-17	CVE-2024-9654	Incorrect Authorization vulnerability in Awesomemotive Easy Digital Downloads The Easy Digital Downloads plugin for WordPress is vulnerable to Improper Authorization in versions 3.1 through 3.3.4. network high complexity awesomemotive CWE-863	3.7
2024-12-12	CVE-2024-55633	Incorrect Authorization vulnerability in Apache Superset Improper Authorization vulnerability in Apache Superset. network low complexity apache CWE-863	6.5
2024-12-09	CVE-2024-53949	Incorrect Authorization vulnerability in Apache Superset Improper Authorization vulnerability in Apache Superset when FAB_ADD_SECURITY_API is enabled (disabled by default). network low complexity apache CWE-863	6.5
2024-11-26	CVE-2024-11680	Incorrect Authorization vulnerability in Projectsend ProjectSend versions prior to r1720 are affected by an improper authentication vulnerability. network low complexity projectsend CWE-863 critical	9.8
2024-11-19	CVE-2023-21270	Incorrect Authorization vulnerability in Google Android 12.0/12.1/13.0 In restorePermissionState of PermissionManagerServiceImpl.java, there is a possible way for an app to keep permissions that should be revoked due to incorrect permission flags cleared during an update. local low complexity google CWE-863	7.8
2024-11-18	CVE-2024-21287	Incorrect Authorization vulnerability in Oracle Agile Product Lifecycle Management 9.3.6 Vulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain (component: Software Development Kit, Process Extension). network low complexity oracle CWE-863	7.5

Vulnerabilities > Incorrect Authorization {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Incorrect Authorization"}]}

Vulnerabilities > Incorrect Authorization