Vulnerabilities > Incorrect Authorization

DATE CVE VULNERABILITY TITLE RISK
2023-05-21 CVE-2023-33254 Incorrect Authorization vulnerability in Quest Kace Systems Deployment Appliance 9.0.146
There is an LDAP bind credentials exposure on KACE Systems Deployment and Remote Site appliances 9.0.146.
network
low complexity
quest CWE-863
6.5
2023-05-19 CVE-2023-26818 Incorrect Authorization vulnerability in Telegram 9.3.1/9.4
Telegram 9.3.1 and 9.4.0 allows attackers to access restricted files, microphone ,or video recording via the DYLD_INSERT_LIBRARIES flag.
local
low complexity
telegram CWE-863
5.5
2023-05-18 CVE-2023-31597 Incorrect Authorization vulnerability in Zammad
An issue in Zammad v5.4.0 allows attackers to bypass e-mail verification using an arbitrary address and manipulate the data of the generated user.
network
low complexity
zammad CWE-863
6.5
2023-05-18 CVE-2023-2782 Incorrect Authorization vulnerability in Acronis Cyber Infrastructure
Sensitive information disclosure due to improper authorization.
local
low complexity
acronis CWE-863
5.5
2023-05-15 CVE-2023-23445 Incorrect Authorization vulnerability in Sick products
Improper Access Control in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows an unprivileged remote attacker to gain unauthorized access to data fields by using a therefore unpriviledged account via the REST interface.
network
low complexity
sick CWE-863
7.5
2023-05-15 CVE-2023-23446 Incorrect Authorization vulnerability in Sick products
Improper Access Control in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows an unprivileged remote attacker to download files by using a therefore unpriviledged account via the REST interface.
network
low complexity
sick CWE-863
7.5
2023-05-12 CVE-2023-2515 Incorrect Authorization vulnerability in Mattermost Server
Mattermost fails to restrict a user with permissions to edit other users and to create personal access tokens from elevating their privileges to system admin
network
low complexity
mattermost CWE-863
8.8
2023-05-10 CVE-2022-41610 Incorrect Authorization vulnerability in Intel products
Improper authorization in Intel(R) EMA Configuration Tool before version 1.0.4 and Intel(R) MC before version 2.4 software may allow an authenticated user to potentially enable denial of service via local access.
local
low complexity
intel CWE-863
5.5
2023-05-10 CVE-2022-43465 Incorrect Authorization vulnerability in Intel Setup and Configuration Software
Improper authorization in the Intel(R) SCS software all versions may allow an authenticated user to potentially enable denial of service via local access.
local
low complexity
intel CWE-863
5.5
2023-05-10 CVE-2022-45128 Incorrect Authorization vulnerability in Intel Endpoint Management Assistant
Improper authorization in the Intel(R) EMA software before version 1.9.0.0 may allow an authenticated user to potentially enable denial of service via local access.
local
low complexity
intel CWE-863
5.5