Vulnerabilities > Incorrect Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-06 | CVE-2023-33651 | Incorrect Authorization vulnerability in Sitecore products An issue in the MVC Device Simulator of Sitecore Experience Platform (XP), Experience Manager (XM), and Experience Commerce (XC) v9.0 Initial Release to v13.0 Initial Release allows attackers to bypass authorization rules. | 7.5 |
| 2023-06-06 | CVE-2022-40529 | Incorrect Authorization vulnerability in Qualcomm products Memory corruption due to improper access control in kernel while processing a mapping request from root process. | 7.8 |
| 2023-06-06 | CVE-2023-21670 | Incorrect Authorization vulnerability in Qualcomm products Memory Corruption in GPU Subsystem due to arbitrary command execution from GPU in privileged mode. | 7.8 |
| 2023-06-05 | CVE-2023-3027 | Incorrect Authorization vulnerability in Redhat Advanced Cluster Management for Kubernetes 2.5/2.6/2.7 The grc-policy-propagator allows security escalation within the cluster. | 7.8 |
| 2023-06-02 | CVE-2023-3033 | Incorrect Authorization vulnerability in Mobatime web Application 06.7.22 Incorrect Authorization vulnerability in Mobatime web application allows Privilege Escalation, Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Mobatime web application: through 06.7.22. | 8.8 |
| 2023-05-31 | CVE-2023-34219 | Incorrect Authorization vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2023.05 improper permission checks allowed users without appropriate permissions to edit Build Configuration settings via REST API | 4.3 |
| 2023-05-31 | CVE-2023-28352 | Incorrect Authorization vulnerability in Faronics Insight 10.0.19045 An issue was discovered in Faronics Insight 10.0.19045 on Windows. | 7.4 |
| 2023-05-26 | CVE-2023-2002 | Incorrect Authorization vulnerability in multiple products A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux Kernel. | 6.8 |
| 2023-05-26 | CVE-2023-31226 | Incorrect Authorization vulnerability in Huawei Emui 13.0.0 The SDK for the MediaPlaybackController module has improper permission verification. | 7.5 |
| 2023-05-24 | CVE-2023-1158 | Incorrect Authorization vulnerability in Hitachi products Hitachi Vantara Pentaho Business Analytics Server versions before 9.4.0.1 and 9.3.0.3, including 8.3.x expose dashboard prompts to users who are not part of the authorization list. | 4.3 |