Vulnerabilities > Incorrect Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-24 | CVE-2023-21034 | Incorrect Authorization vulnerability in Google Android 13.0 In multiple functions of SensorService.cpp, there is a possible access of accurate sensor data due to a permissions bypass. | 7.8 |
| 2023-03-24 | CVE-2023-21035 | Incorrect Authorization vulnerability in Google Android 13.0 In multiple functions of BackupHelper.java, there is a possible way for an app to get permissions previously granted to another app with the same package name due to a permissions bypass. | 7.8 |
| 2023-03-23 | CVE-2023-28611 | Incorrect Authorization vulnerability in Omicronenergy Stationguard and Stationscout Incorrect authorization in OMICRON StationGuard 1.10 through 2.20 and StationScout 1.30 through 2.20 allows an attacker to bypass intended access restrictions. | 9.8 |
| 2023-03-23 | CVE-2023-23192 | Incorrect Authorization vulnerability in Isdecisions Userlock 11.0.1 IS Decisions UserLock MFA 11.01 is vulnerable to authentication bypass using scheduled task. | 7.2 |
| 2023-03-22 | CVE-2023-25594 | Incorrect Authorization vulnerability in Arubanetworks Clearpass Policy Manager A vulnerability in the web-based management interface of ClearPass Policy Manager allows an attacker with read-only privileges to perform actions that change the state of the ClearPass Policy Manager instance. | 8.8 |
| 2023-03-20 | CVE-2023-27578 | Incorrect Authorization vulnerability in Galaxyproject Galaxy Galaxy is an open-source platform for data analysis. | 7.5 |
| 2023-03-20 | CVE-2023-0940 | Incorrect Authorization vulnerability in Metagauss Profilegrid The ProfileGrid WordPress plugin before 5.3.1 provides an AJAX endpoint for resetting a user password but does not implement proper authorization. | 8.8 |
| 2023-03-17 | CVE-2023-27594 | Incorrect Authorization vulnerability in Cilium Cilium is a networking, observability, and security solution with an eBPF-based dataplane. | 7.3 |
| 2023-03-14 | CVE-2023-24880 | Incorrect Authorization vulnerability in Microsoft products Windows SmartScreen Security Feature Bypass Vulnerability | 4.4 |
| 2023-03-11 | CVE-2023-24999 | Incorrect Authorization vulnerability in Hashicorp Vault HashiCorp Vault and Vault Enterprise’s approle auth method allowed any authenticated user with access to an approle destroy endpoint to destroy the secret ID of any other role by providing the secret ID accessor. | 8.1 |