Vulnerabilities > Incorrect Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-15 | CVE-2020-17354 | Incorrect Authorization vulnerability in Lilypond LilyPond before 2.24 allows attackers to bypass the -dsafe protection mechanism via output-def-lookup or output-def-scope, as demonstrated by dangerous Scheme code in a .ly file that causes arbitrary code execution during conversion to a different file format. | 8.6 |
| 2023-04-12 | CVE-2023-22620 | Incorrect Authorization vulnerability in Securepoint Unified Threat Management An issue was discovered in SecurePoint UTM before 12.2.5.1. | 7.5 |
| 2023-04-11 | CVE-2023-25415 | Incorrect Authorization vulnerability in Aten Pe8108 Firmware 2.4.232 Aten PE8108 2.4.232 is vulnerable to Incorrect Access Control. | 5.3 |
| 2023-04-11 | CVE-2022-40682 | Incorrect Authorization vulnerability in Fortinet Forticlient A incorrect authorization in Fortinet FortiClient (Windows) 7.0.0 - 7.0.7, 6.4.0 - 6.4.9, 6.2.0 - 6.2.9 and 6.0.0 - 6.0.10 allows an attacker to execute unauthorized code or commands via sending a crafted request to a specific named pipe. | 7.8 |
| 2023-04-11 | CVE-2022-43770 | Incorrect Authorization vulnerability in Hitachivantara Pentaho Business Analytics Hitachi Vantara Pentaho Business Analytics Server versions before 9.3.0.0, 9.2.0.4 and 8.3.0.27 does not correctly perform an authorization check in the dashboard editor plugin API. | 8.1 |
| 2023-04-05 | CVE-2023-1071 | Incorrect Authorization vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions from 15.5 before 15.8.5, all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1. | 4.3 |
| 2023-04-05 | CVE-2023-1417 | Incorrect Authorization vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1. | 4.3 |
| 2023-04-05 | CVE-2023-0319 | Incorrect Authorization vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions starting from 13.6 before 15.8.5, all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1, allowing to read environment names supposed to be restricted to project memebers only. | 5.3 |
| 2023-04-03 | CVE-2022-43940 | Incorrect Authorization vulnerability in Hitachi Vantara Pentaho Business Analytics Server 9.4.0.0 Hitachi Vantara Pentaho Business Analytics Server versions before 9.4.0.1 and 9.3.0.2, including 8.3.x do not correctly perform an authorization check in the data source management service. | 8.8 |
| 2023-04-02 | CVE-2023-1202 | Incorrect Authorization vulnerability in Devolutions Remote Desktop Manager Permission bypass when importing or synchronizing entries in User vault in Devolutions Remote Desktop Manager 2023.1.9 and prior versions allows users with restricted rights to bypass entry permission via id collision. | 6.5 |