Vulnerabilities > Incorrect Authorization

DATE CVE VULNERABILITY TITLE RISK
2023-06-28 CVE-2023-21225 Incorrect Authorization vulnerability in Google Android
There is a possible way to bypass the protected confirmation screen due to failure to lock display power.
local
low complexity
google CWE-863
7.8
2023-06-22 CVE-2023-3114 Incorrect Authorization vulnerability in Hashicorp Terraform Enterprise
Terraform Enterprise since v202207-1 did not properly implement authorization rules for agent pools, allowing the workspace to be targeted by unauthorized agents.
network
low complexity
hashicorp CWE-863
7.7
2023-06-22 CVE-2023-34923 Incorrect Authorization vulnerability in Topdesk 12.10.12
XML Signature Wrapping (XSW) in SAML-based Single Sign-on feature in TOPdesk v12.10.12 allows bad actors with credentials to authenticate with the Identity Provider (IP) to impersonate any TOPdesk user via SAML Response manipulation.
network
low complexity
topdesk CWE-863
8.1
2023-06-21 CVE-2023-0971 Incorrect Authorization vulnerability in Silabs Z/Ip Gateway SDK 7.18.01
A logic error in SiLabs Z/IP Gateway SDK 7.18.02 and earlier allows authentication to be bypassed, remote administration of Z-Wave controllers, and S0/S2 encryption keys to be recovered.
low complexity
silabs CWE-863
8.8
2023-06-19 CVE-2022-48488 Incorrect Authorization vulnerability in Huawei Emui
Vulnerability of bypassing the default desktop security controls. Successful exploitation of this vulnerability may cause unauthorized modifications to the desktop.
network
low complexity
huawei CWE-863
5.3
2023-06-19 CVE-2022-48495 Incorrect Authorization vulnerability in Huawei Emui 12.0.0/12.0.1/13.0.0
Vulnerability of unauthorized access to foreground app information. Successful exploitation of this vulnerability may cause foreground app information to be obtained.
network
low complexity
huawei CWE-863
5.3
2023-06-19 CVE-2023-34161 Incorrect Authorization vulnerability in Huawei Emui
Inappropriate authorization vulnerability in the SettingsProvider module. Successful exploitation of this vulnerability may cause features to perform abnormally.
network
low complexity
huawei CWE-863
7.5
2023-06-15 CVE-2023-28175 Incorrect Authorization vulnerability in Bosch products
Improper Authorization in SSH server in Bosch VMS 11.0, 11.1.0, and 11.1.1 allows a remote authenticated user to access resources within the trusted internal network via a port forwarding request.
network
low complexity
bosch CWE-863
7.7
2023-06-15 CVE-2022-22307 Incorrect Authorization vulnerability in IBM Security Guardium 11.3/11.4/11.5
IBM Security Guardium 11.3, 11.4, and 11.5 could allow a local user to obtain elevated privileges due to incorrect authorization checks.
local
low complexity
ibm CWE-863
7.8
2023-06-13 CVE-2023-24546 Incorrect Authorization vulnerability in Arista Cloudvision Portal
On affected versions of the CloudVision Portal, improper access controls on the connection from devices to CloudVision could enable a malicious actor with network access to CloudVision to get broader access to telemetry and configuration data within the system than intended.
network
low complexity
arista CWE-863
8.1