Vulnerabilities > Incorrect Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-27 | CVE-2023-22251 | Incorrect Authorization vulnerability in Adobe Commerce and Magento Open Source Adobe Commerce versions 2.4.4-p2 (and earlier) and 2.4.5-p1 (and earlier) are affected by an Incorrect Authorization vulnerability. | 4.3 |
| 2023-03-27 | CVE-2023-1136 | Incorrect Authorization vulnerability in Deltaww Infrasuite Device Master 00.00.01A/00.00.02A In Delta Electronics InfraSuite Device Master versions prior to 1.0.5, an unauthenticated attacker could generate a valid token, which would lead to authentication bypass. | 7.5 |
| 2023-03-27 | CVE-2023-1144 | Incorrect Authorization vulnerability in Deltaww Infrasuite Device Master 00.00.01A/00.00.02A Delta Electronics InfraSuite Device Master versions prior to 1.0.5 contains an improper access control vulnerability in which an attacker can use the Device-Gateway service and bypass authorization, which could result in privilege escalation. | 8.8 |
| 2023-03-27 | CVE-2023-25017 | Incorrect Authorization vulnerability in Rifartek IOT Wall 22 RIFARTEK IOT Wall has a vulnerability of incorrect authorization. | 8.1 |
| 2023-03-24 | CVE-2023-21034 | Incorrect Authorization vulnerability in Google Android 13.0 In multiple functions of SensorService.cpp, there is a possible access of accurate sensor data due to a permissions bypass. | 7.8 |
| 2023-03-24 | CVE-2023-21035 | Incorrect Authorization vulnerability in Google Android 13.0 In multiple functions of BackupHelper.java, there is a possible way for an app to get permissions previously granted to another app with the same package name due to a permissions bypass. | 7.8 |
| 2023-03-23 | CVE-2023-28611 | Incorrect Authorization vulnerability in Omicronenergy Stationguard and Stationscout Incorrect authorization in OMICRON StationGuard 1.10 through 2.20 and StationScout 1.30 through 2.20 allows an attacker to bypass intended access restrictions. | 9.8 |
| 2023-03-23 | CVE-2023-23192 | Incorrect Authorization vulnerability in Isdecisions Userlock 11.0.1 IS Decisions UserLock MFA 11.01 is vulnerable to authentication bypass using scheduled task. | 7.2 |
| 2023-03-22 | CVE-2023-25594 | Incorrect Authorization vulnerability in Arubanetworks Clearpass Policy Manager A vulnerability in the web-based management interface of ClearPass Policy Manager allows an attacker with read-only privileges to perform actions that change the state of the ClearPass Policy Manager instance. | 8.8 |
| 2023-03-22 | CVE-2023-25924 | Incorrect Authorization vulnerability in IBM Security KEY Lifecycle Manager IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 could allow an authenticated user to perform actions that they should not have access to due to improper authorization. | 8.8 |