Vulnerabilities > Incorrect Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-12-20 | CVE-2024-56348 | Incorrect Authorization vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2024.12 improper access control allowed viewing details of unauthorized agents | 4.3 |
| 2024-12-20 | CVE-2024-56350 | Incorrect Authorization vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2024.12 build credentials allowed unauthorized viewing of projects | 4.3 |
| 2024-12-20 | CVE-2024-12831 | Incorrect Authorization vulnerability in Arista NG Firewall 17.1.1 Arista NG Firewall uvm_login Incorrect Authorization Privilege Escalation Vulnerability. | 7.8 |
| 2024-12-17 | CVE-2024-12539 | Incorrect Authorization vulnerability in Elastic Elasticsearch 8.16.0/8.16.1 An issue was discovered where improper authorization controls affected certain queries that could allow a malicious actor to circumvent Document Level Security in Elasticsearch and get access to documents that their roles would normally not allow. | 6.5 |
| 2024-12-17 | CVE-2024-9654 | Incorrect Authorization vulnerability in Awesomemotive Easy Digital Downloads The Easy Digital Downloads plugin for WordPress is vulnerable to Improper Authorization in versions 3.1 through 3.3.4. | 3.7 |
| 2024-12-12 | CVE-2024-55633 | Incorrect Authorization vulnerability in Apache Superset Improper Authorization vulnerability in Apache Superset. | 6.5 |
| 2024-12-09 | CVE-2024-53949 | Incorrect Authorization vulnerability in Apache Superset Improper Authorization vulnerability in Apache Superset when FAB_ADD_SECURITY_API is enabled (disabled by default). | 6.5 |
| 2024-12-04 | CVE-2023-52943 | Incorrect Authorization vulnerability in Synology Surveillance Station Incorrect authorization vulnerability in Alert.Setting webapi component in Synology Surveillance Station before 9.2.0-11289 and 9.2.0-9289 allows remote authenticated users to to perform limited actions on the alerting function via unspecified vectors. | 4.3 |
| 2024-12-04 | CVE-2023-52944 | Incorrect Authorization vulnerability in Synology Surveillance Station Incorrect authorization vulnerability in ActionRule webapi component in Synology Surveillance Station before 9.2.0-11289 and 9.2.0-9289 allows remote authenticated users to perform limited actions on the set action rules function via unspecified vectors. | 4.3 |
| 2024-11-26 | CVE-2024-11680 | Incorrect Authorization vulnerability in Projectsend ProjectSend versions prior to r1720 are affected by an improper authentication vulnerability. | 9.8 |