Vulnerabilities > Incorrect Authorization

| Date | CVE | Vulnerability title | Description | Attack vector | Complexity | Vendor | CWE | Risk |
|---|---|---|---|---|---|---|---|---|
| 2023-06-15 | CVE-2022-22307 | Incorrect Authorization vulnerability in IBM Security Guardium 11.3/11.4/11.5 | IBM Security Guardium 11.3, 11.4, and 11.5 could allow a local user to obtain elevated privileges due to incorrect authorization checks. | local | low | ibm | CWE-863 | 7.8 |
| 2023-06-13 | CVE-2023-32061 | Incorrect Authorization vulnerability in Discourse | Discourse is an open source discussion platform. | network | low | discourse | CWE-863 | 5.3 |
| 2023-06-13 | CVE-2023-24546 | Incorrect Authorization vulnerability in Arista Cloudvision Portal | On affected versions of the CloudVision Portal, improper access controls on the connection from devices to CloudVision could enable a malicious actor with network access to CloudVision to get broader access to telemetry and configuration data within the system than intended. | network | low | arista | CWE-863 | 8.1 |
| 2023-06-13 | CVE-2023-34965 | Incorrect Authorization vulnerability in Sspanel-Uim Project Sspanel-Uim 2023.3 | SSPanel-Uim 2023.3 does not restrict access to the /link/ interface, which can lead to a leak of user information. | network | low | sspanel-uim-project | CWE-863 | 5.3 |
| 2023-06-08 | CVE-2023-32749 | Incorrect Authorization vulnerability in Pydio Cells | Pydio Cells allows users by default to create so-called external users in order to share files with them. | network | low | pydio | CWE-863 | 8.8 |
| 2023-06-07 | CVE-2020-36710 | Incorrect Authorization vulnerability in Wpserveur WPS Hide Login | The WPS Hide Login plugin for WordPress is vulnerable to login page disclosure even when the settings of the plugin are set to hide the login page, making it possible for unauthenticated attackers to brute force credentials on sites in versions up to, and including, 1.5.4.2. | network | low | wpserveur | CWE-863 | 7.5 |
| 2023-06-07 | CVE-2021-4352 | Incorrect Authorization vulnerability in Eyecix Jobsearch WP JOB Board | The JobSearch WP Job Board plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the save_locsettings function in versions up to, and including, 1.8.1. | network | low | eyecix | CWE-863 | 5.3 |
| 2023-06-06 | CVE-2023-22833 | Incorrect Authorization vulnerability in Palantir Foundry | Palantir Foundry deployments running Lime2 versions between 2.519.0 and 2.532.0 were vulnerable to a bug that allowed authenticated users within a Foundry organization to bypass discretionary or mandatory access controls under certain circumstances. | network | low | palantir | CWE-863 | 6.5 |
| 2023-06-06 | CVE-2023-32683 | Incorrect Authorization vulnerability in Matrix Synapse | Synapse is a Matrix protocol homeserver written in Python with the Twisted framework. | network | low | matrix | CWE-863 | 5.4 |
| 2023-06-06 | CVE-2023-33651 | Incorrect Authorization vulnerability in Sitecore products | An issue in the MVC Device Simulator of Sitecore Experience Platform (XP), Experience Manager (XM), and Experience Commerce (XC) v9.0 Initial Release to v13.0 Initial Release allows attackers to bypass authorization rules. | network | low | sitecore | CWE-863 | 7.5 |