Vulnerabilities > Incorrect Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-19 | CVE-2022-48495 | Incorrect Authorization vulnerability in Huawei Emui 12.0.0/12.0.1/13.0.0 Vulnerability of unauthorized access to foreground app information.Successful exploitation of this vulnerability may cause foreground app information to be obtained. | 5.3 |
| 2023-06-19 | CVE-2023-34161 | Incorrect Authorization vulnerability in Huawei Emui nappropriate authorization vulnerability in the SettingsProvider module.Successful exploitation of this vulnerability may cause features to perform abnormally. | 7.5 |
| 2023-06-15 | CVE-2023-28175 | Incorrect Authorization vulnerability in Bosch products Improper Authorization in SSH server in Bosch VMS 11.0, 11.1.0, and 11.1.1 allows a remote authenticated user to access resources within the trusted internal network via a port forwarding request. | 7.7 |
| 2023-06-15 | CVE-2022-22307 | Incorrect Authorization vulnerability in IBM Security Guardium 11.3/11.4/11.5 IBM Security Guardium 11.3, 11.4, and 11.5 could allow a local user to obtain elevated privileges due to incorrect authorization checks. | 7.8 |
| 2023-06-13 | CVE-2023-24546 | Incorrect Authorization vulnerability in Arista Cloudvision Portal On affected versions of the CloudVision Portal improper access controls on the connection from devices to CloudVision could enable a malicious actor with network access to CloudVision to get broader access to telemetry and configuration data within the system than intended. | 8.1 |
| 2023-06-13 | CVE-2023-34965 | Incorrect Authorization vulnerability in Sspanel-Uim Project Sspanel-Uim 2023.3 SSPanel-Uim 2023.3 does not restrict access to the /link/ interface which can lead to a leak of user information. | 5.3 |
| 2023-06-08 | CVE-2023-32749 | Incorrect Authorization vulnerability in Pydio Cells Pydio Cells allows users by default to create so-called external users in order to share files with them. | 8.8 |
| 2023-06-07 | CVE-2020-36710 | Incorrect Authorization vulnerability in Wpserveur WPS Hide Login The WPS Hide Login plugin for WordPress is vulnerable to login page disclosure even when the settings of the plugin are set to hide the login page making it possible for unauthenticated attackers to brute force credentials on sites in versions up to, and including, 1.5.4.2. | 7.5 |
| 2023-06-07 | CVE-2021-4352 | Incorrect Authorization vulnerability in Eyecix Jobsearch WP JOB Board The JobSearch WP Job Board plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the save_locsettings function in versions up to, and including, 1.8.1. | 5.3 |
| 2023-06-06 | CVE-2023-22833 | Incorrect Authorization vulnerability in Palantir Foundry Palantir Foundry deployments running Lime2 versions between 2.519.0 and 2.532.0 were vulnerable a bug that allowed authenticated users within a Foundry organization to bypass discretionary or mandatory access controls under certain circumstances. | 6.5 |