Vulnerabilities > Incorrect Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-26 | CVE-2023-2002 | Incorrect Authorization vulnerability in multiple products A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux Kernel. | 6.8 |
| 2023-05-26 | CVE-2023-31226 | Incorrect Authorization vulnerability in Huawei Emui 13.0.0 The SDK for the MediaPlaybackController module has improper permission verification. | 7.5 |
| 2023-05-24 | CVE-2023-1158 | Incorrect Authorization vulnerability in Hitachi products Hitachi Vantara Pentaho Business Analytics Server versions before 9.4.0.1 and 9.3.0.3, including 8.3.x expose dashboard prompts to users who are not part of the authorization list. | 4.3 |
| 2023-05-21 | CVE-2023-33254 | Incorrect Authorization vulnerability in Quest Kace Systems Deployment Appliance 9.0.146 There is an LDAP bind credentials exposure on KACE Systems Deployment and Remote Site appliances 9.0.146. | 6.5 |
| 2023-05-19 | CVE-2023-26818 | Incorrect Authorization vulnerability in Telegram 9.3.1/9.4 Telegram 9.3.1 and 9.4.0 allows attackers to access restricted files, microphone ,or video recording via the DYLD_INSERT_LIBRARIES flag. | 5.5 |
| 2023-05-18 | CVE-2023-31597 | Incorrect Authorization vulnerability in Zammad An issue in Zammad v5.4.0 allows attackers to bypass e-mail verification using an arbitrary address and manipulate the data of the generated user. | 6.5 |
| 2023-05-18 | CVE-2023-2782 | Incorrect Authorization vulnerability in Acronis Cyber Infrastructure Sensitive information disclosure due to improper authorization. | 5.5 |
| 2023-05-15 | CVE-2023-23445 | Incorrect Authorization vulnerability in Sick products Improper Access Control in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows an unprivileged remote attacker to gain unauthorized access to data fields by using a therefore unpriviledged account via the REST interface. | 7.5 |
| 2023-05-15 | CVE-2023-23446 | Incorrect Authorization vulnerability in Sick products Improper Access Control in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows an unprivileged remote attacker to download files by using a therefore unpriviledged account via the REST interface. | 7.5 |
| 2023-05-12 | CVE-2023-2515 | Incorrect Authorization vulnerability in Mattermost Server Mattermost fails to restrict a user with permissions to edit other users and to create personal access tokens from elevating their privileges to system admin | 8.8 |