Vulnerabilities > Incorrect Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-11 | CVE-2023-28635 | Incorrect Authorization vulnerability in Vantage6 vantage6 is privacy preserving federated learning infrastructure. | 5.4 |
| 2023-10-11 | CVE-2023-35653 | Incorrect Authorization vulnerability in Google Android In TBD of TBD, there is a possible way to access location information due to a permissions bypass. | 4.4 |
| 2023-10-11 | CVE-2023-41882 | Incorrect Authorization vulnerability in Vantage6 vantage6 is privacy preserving federated learning infrastructure. | 4.3 |
| 2023-10-11 | CVE-2023-5521 | Incorrect Authorization vulnerability in Kernelsu Incorrect Authorization in GitHub repository tiann/kernelsu prior to v0.6.9. | 9.8 |
| 2023-10-10 | CVE-2023-36556 | Incorrect Authorization vulnerability in Fortinet Fortimail An incorrect authorization vulnerability [CWE-863] in FortiMail webmail version 7.2.0 through 7.2.2, version 7.0.0 through 7.0.5 and below 6.4.7 allows an authenticated attacker to login on other users accounts from the same web domain via crafted HTTP or HTTPs requests. | 8.8 |
| 2023-10-06 | CVE-2023-44860 | Incorrect Authorization vulnerability in Netis-Systems N3M Firmware 1.0.1.865 An issue in NETIS SYSTEMS N3Mv2 v.1.0.1.865 allows a remote attacker to cause a denial of service via the authorization component in the HTTP request. | 7.5 |
| 2023-10-05 | CVE-2022-3248 | Incorrect Authorization vulnerability in Redhat products A flaw was found in OpenShift API, as admission checks do not enforce "custom-host" permissions. | 7.5 |
| 2023-10-04 | CVE-2023-1832 | Incorrect Authorization vulnerability in multiple products An improper access control flaw was found in Candlepin. | 8.1 |
| 2023-10-04 | CVE-2023-4997 | Incorrect Authorization vulnerability in Prointegra Uptimedc Improper authorisation of regular users in ProIntegra Uptime DC software (versions below 2.0.0.33940) allows them to change passwords of all other users including administrators leading to a privilege escalation. | 8.8 |
| 2023-09-29 | CVE-2023-5159 | Incorrect Authorization vulnerability in Mattermost Mattermost fails to properly verify the permissions when managing/updating a bot allowing a User Manager role with user edit permissions to manage/update bots. | 2.7 |