Vulnerabilities > Incorrect Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-27 | CVE-2023-1144 | Incorrect Authorization vulnerability in Deltaww Infrasuite Device Master 00.00.01A/00.00.02A Delta Electronics InfraSuite Device Master versions prior to 1.0.5 contains an improper access control vulnerability in which an attacker can use the Device-Gateway service and bypass authorization, which could result in privilege escalation. | 8.8 |
| 2023-03-24 | CVE-2023-21034 | Incorrect Authorization vulnerability in Google Android 13.0 In multiple functions of SensorService.cpp, there is a possible access of accurate sensor data due to a permissions bypass. | 7.8 |
| 2023-03-24 | CVE-2023-21035 | Incorrect Authorization vulnerability in Google Android 13.0 In multiple functions of BackupHelper.java, there is a possible way for an app to get permissions previously granted to another app with the same package name due to a permissions bypass. | 7.8 |
| 2023-03-23 | CVE-2023-28611 | Incorrect Authorization vulnerability in Omicronenergy Stationguard and Stationscout Incorrect authorization in OMICRON StationGuard 1.10 through 2.20 and StationScout 1.30 through 2.20 allows an attacker to bypass intended access restrictions. | 9.8 |
| 2023-03-23 | CVE-2023-23192 | Incorrect Authorization vulnerability in Isdecisions Userlock 11.0.1 IS Decisions UserLock MFA 11.01 is vulnerable to authentication bypass using scheduled task. | 7.2 |
| 2023-03-22 | CVE-2023-25594 | Incorrect Authorization vulnerability in Arubanetworks Clearpass Policy Manager A vulnerability in the web-based management interface of ClearPass Policy Manager allows an attacker with read-only privileges to perform actions that change the state of the ClearPass Policy Manager instance. | 8.8 |
| 2023-03-20 | CVE-2023-27578 | Incorrect Authorization vulnerability in Galaxyproject Galaxy Galaxy is an open-source platform for data analysis. | 7.5 |
| 2023-03-20 | CVE-2023-0940 | Incorrect Authorization vulnerability in Metagauss Profilegrid The ProfileGrid WordPress plugin before 5.3.1 provides an AJAX endpoint for resetting a user password but does not implement proper authorization. | 8.8 |
| 2023-03-17 | CVE-2023-27594 | Incorrect Authorization vulnerability in Cilium Cilium is a networking, observability, and security solution with an eBPF-based dataplane. | 7.3 |
| 2023-03-14 | CVE-2023-24880 | Incorrect Authorization vulnerability in Microsoft products Windows SmartScreen Security Feature Bypass Vulnerability | 4.4 |