Vulnerabilities > Incorrect Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-18 | CVE-2023-2782 | Incorrect Authorization vulnerability in Acronis Cyber Infrastructure Sensitive information disclosure due to improper authorization. | 5.5 |
| 2023-05-15 | CVE-2023-23445 | Incorrect Authorization vulnerability in Sick products Improper Access Control in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows an unprivileged remote attacker to gain unauthorized access to data fields by using a therefore unpriviledged account via the REST interface. | 7.5 |
| 2023-05-15 | CVE-2023-23446 | Incorrect Authorization vulnerability in Sick products Improper Access Control in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows an unprivileged remote attacker to download files by using a therefore unpriviledged account via the REST interface. | 7.5 |
| 2023-05-12 | CVE-2023-2515 | Incorrect Authorization vulnerability in Mattermost Server Mattermost fails to restrict a user with permissions to edit other users and to create personal access tokens from elevating their privileges to system admin | 8.8 |
| 2023-05-10 | CVE-2022-41610 | Incorrect Authorization vulnerability in Intel products Improper authorization in Intel(R) EMA Configuration Tool before version 1.0.4 and Intel(R) MC before version 2.4 software may allow an authenticated user to potentially enable denial of service via local access. | 5.5 |
| 2023-05-10 | CVE-2022-43465 | Incorrect Authorization vulnerability in Intel Setup and Configuration Software Improper authorization in the Intel(R) SCS software all versions may allow an authenticated user to potentially enable denial of service via local access. | 5.5 |
| 2023-05-10 | CVE-2022-45128 | Incorrect Authorization vulnerability in Intel Endpoint Management Assistant Improper authorization in the Intel(R) EMA software before version 1.9.0.0 may allow an authenticated user to potentially enable denial of service via local access. | 5.5 |
| 2023-05-09 | CVE-2023-32060 | Incorrect Authorization vulnerability in Dhis2 Dhis 2 DHIS2 Core contains the service layer and Web API for DHIS2, an information system for data capture. | 6.5 |
| 2023-05-08 | CVE-2023-24505 | Incorrect Authorization vulnerability in Milesight Ncr/Camera Firmware 71.8.0.6R5 Milesight NCR/camera version 71.8.0.6-r5 discloses sensitive information through an unspecified request. | 7.5 |
| 2023-05-08 | CVE-2023-1979 | Incorrect Authorization vulnerability in Google web Stories The Web Stories for WordPress plugin supports the WordPress built-in functionality of protecting content with a password. | 6.5 |