Vulnerabilities > Incorrect Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-17 | CVE-2023-40168 | Incorrect Authorization vulnerability in Turbowarp Desktop TurboWarp is a desktop application that compiles scratch projects to JavaScript. | 6.5 |
| 2023-08-17 | CVE-2023-25647 | Incorrect Authorization vulnerability in ZTE products There is a permission and access control vulnerability in some ZTE mobile phones. | 3.3 |
| 2023-08-14 | CVE-2023-32748 | Incorrect Authorization vulnerability in Mitel Mivoice Connect The Linux DVS server component of Mitel MiVoice Connect through 19.3 SP2 (22.24.1500.0) could allow an unauthenticated attacker with internal network access to execute arbitrary scripts due to improper access control. | 9.8 |
| 2023-08-13 | CVE-2023-39384 | Incorrect Authorization vulnerability in Huawei Emui and Harmonyos Vulnerability of incomplete permission verification in the input method module. | 7.5 |
| 2023-08-11 | CVE-2023-4107 | Incorrect Authorization vulnerability in Mattermost Mattermost fails to properly validate the requesting user permissions when updating a system admin, allowing a user manager to update a system admin's details such as email, first name and last name. | 6.5 |
| 2023-08-10 | CVE-2023-39965 | Incorrect Authorization vulnerability in Fit2Cloud 1Panel 1.4.3 1Panel is an open source Linux server operation and maintenance management panel. | 4.3 |
| 2023-08-10 | CVE-2023-30705 | Incorrect Authorization vulnerability in Samsung Galaxy Store 4.5.32.4/4.5.36.4/4.5.41.8 Improper sanitization of incoming intent in Galaxy Store prior to version 4.5.56.6?allows local attackers to access privileged content providers as Galaxy Store permission. | 5.5 |
| 2023-08-09 | CVE-2023-33468 | Incorrect Authorization vulnerability in Kramerav VIA Connect2 Firmware and VIA GO2 Firmware KramerAV VIA Connect (2) and VIA Go (2) devices with a version prior to 4.0.1.1326 exhibit a vulnerability that enables remote manipulation of the device. | 9.1 |
| 2023-08-09 | CVE-2023-24471 | Incorrect Authorization vulnerability in Nozominetworks CMC and Guardian An access control vulnerability was found, due to the restrictions that are applied on actual assertions not being enforced in their debug functionality. An authenticated user with reduced visibility can obtain unauthorized information via the debug functionality, obtaining data that would normally be not accessible in the Query and Assertions functions. | 6.5 |
| 2023-08-09 | CVE-2023-38209 | Incorrect Authorization vulnerability in Adobe Commerce Adobe Commerce versions 2.4.6-p1 (and earlier), 2.4.5-p3 (and earlier) and 2.4.4-p4 (and earlier) are affected by an Incorrect Authorization vulnerability that could lead to a Security feature bypass. | 6.5 |