Vulnerabilities > Incorrect Authorization

DATE CVE VULNERABILITY TITLE RISK
2025-02-11 CVE-2025-24409 Incorrect Authorization vulnerability in Adobe Commerce
Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass.
network
low complexity
adobe CWE-863
8.2
8.2
2025-02-11 CVE-2025-24434 Incorrect Authorization vulnerability in Adobe Commerce and Commerce B2B
Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Incorrect Authorization vulnerability that could result in Privilege escalation.
network
low complexity
adobe CWE-863
critical
 9.1
9.1
2025-02-11 CVE-2025-24436 Incorrect Authorization vulnerability in Adobe Commerce and Commerce B2B
Adobe Commerce versions 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11, 2.4.8-beta1 and earlier are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass.
network
low complexity
adobe CWE-863
4.3
4.3
2025-02-11 CVE-2025-24437 Incorrect Authorization vulnerability in Adobe Commerce and Commerce B2B
Adobe Commerce versions 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11, 2.4.8-beta1 and earlier are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass.
network
low complexity
adobe CWE-863
5.4
5.4
2025-02-10 CVE-2025-24200 Incorrect Authorization vulnerability in Apple Ipados
An authorization issue was addressed with improved state management.
low complexity
apple CWE-863
6.1
6.1
2025-01-26 CVE-2023-50946 Incorrect Authorization vulnerability in IBM Common Licensing 9.0.0
IBM Common Licensing 9.0 could allow an authenticated user to modify a configuration file that they should not have access to due to a broken authorization mechanism.
network
low complexity
ibm CWE-863
6.5
6.5
2025-01-21 CVE-2025-24460 Incorrect Authorization vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2024.12.1 improper access control allowed to see Projects’ names in the agent pool
network
low complexity
jetbrains CWE-863
4.3
4.3
2025-01-20 CVE-2025-0580 A vulnerability was found in Shiprocket Module 3 on OpenCart.
network
high complexity
CWE-863
5.6
5.6
2025-01-17 CVE-2024-57032 Incorrect Authorization vulnerability in Wegia
WeGIA < 3.2.0 is vulnerable to Incorrect Access Control in controle/control.php.
network
low complexity
wegia CWE-863
critical
 9.8
9.8
2024-12-27 CVE-2020-9081 Incorrect Authorization vulnerability in Huawei products
There is an improper authorization vulnerability in some Huawei smartphones.
low complexity
huawei CWE-863
6.8
6.8