Vulnerabilities > Incorrect Authorization

DATE	CVE	VULNERABILITY TITLE	RISK
2024-12-09	CVE-2024-53949	Incorrect Authorization vulnerability in Apache Superset Improper Authorization vulnerability in Apache Superset when FAB_ADD_SECURITY_API is enabled (disabled by default). network low complexity apache CWE-863	6.5
2024-12-04	CVE-2023-52943	Incorrect Authorization vulnerability in Synology Surveillance Station Incorrect authorization vulnerability in Alert.Setting webapi component in Synology Surveillance Station before 9.2.0-11289 and 9.2.0-9289 allows remote authenticated users to to perform limited actions on the alerting function via unspecified vectors. network low complexity synology CWE-863	4.3
2024-12-04	CVE-2023-52944	Incorrect Authorization vulnerability in Synology Surveillance Station Incorrect authorization vulnerability in ActionRule webapi component in Synology Surveillance Station before 9.2.0-11289 and 9.2.0-9289 allows remote authenticated users to perform limited actions on the set action rules function via unspecified vectors. network low complexity synology CWE-863	4.3
2024-11-26	CVE-2024-11680	Incorrect Authorization vulnerability in Projectsend ProjectSend versions prior to r1720 are affected by an improper authentication vulnerability. network low complexity projectsend CWE-863 critical	9.8
2024-11-19	CVE-2023-21270	Incorrect Authorization vulnerability in Google Android 12.0/12.1/13.0 In restorePermissionState of PermissionManagerServiceImpl.java, there is a possible way for an app to keep permissions that should be revoked due to incorrect permission flags cleared during an update. local low complexity google CWE-863	7.8
2024-11-18	CVE-2024-21287	Incorrect Authorization vulnerability in Oracle Agile Product Lifecycle Management 9.3.6 Vulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain (component: Software Development Kit, Process Extension). network low complexity oracle CWE-863	7.5
2024-11-18	CVE-2024-48897	Incorrect Authorization vulnerability in Moodle A vulnerability was found in Moodle. network low complexity moodle CWE-863	4.3
2024-11-18	CVE-2024-48901	Incorrect Authorization vulnerability in Moodle A vulnerability was found in Moodle. network low complexity moodle CWE-863	4.3
2024-11-15	CVE-2024-52518	Incorrect Authorization vulnerability in Nextcloud Server Nextcloud Server is a self hosted personal cloud system. network low complexity nextcloud CWE-863	5.4
2024-11-14	CVE-2024-3379	Incorrect Authorization vulnerability in Lunary In lunary-ai/lunary versions 1.2.2 through 1.2.6, an incorrect authorization vulnerability allows unprivileged users to re-generate the private key for projects they do not have access to. network low complexity lunary CWE-863	8.1

Vulnerabilities > Incorrect Authorization {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Incorrect Authorization"}]}

Vulnerabilities > Incorrect Authorization