Vulnerabilities > Incorrect Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-12-17 | CVE-2024-9654 | Incorrect Authorization vulnerability in Awesomemotive Easy Digital Downloads The Easy Digital Downloads plugin for WordPress is vulnerable to Improper Authorization in versions 3.1 through 3.3.4. | 3.7 |
| 2024-12-12 | CVE-2024-55662 | Incorrect Authorization vulnerability in Xwiki XWiki Platform is a generic wiki platform. | 8.8 |
| 2024-12-12 | CVE-2024-55633 | Incorrect Authorization vulnerability in Apache Superset Improper Authorization vulnerability in Apache Superset. | 6.5 |
| 2024-12-09 | CVE-2024-53949 | Incorrect Authorization vulnerability in Apache Superset Improper Authorization vulnerability in Apache Superset when FAB_ADD_SECURITY_API is enabled (disabled by default). | 6.5 |
| 2024-12-04 | CVE-2023-52943 | Incorrect Authorization vulnerability in Synology Surveillance Station Incorrect authorization vulnerability in Alert.Setting webapi component in Synology Surveillance Station before 9.2.0-11289 and 9.2.0-9289 allows remote authenticated users to to perform limited actions on the alerting function via unspecified vectors. | 4.3 |
| 2024-12-04 | CVE-2023-52944 | Incorrect Authorization vulnerability in Synology Surveillance Station Incorrect authorization vulnerability in ActionRule webapi component in Synology Surveillance Station before 9.2.0-11289 and 9.2.0-9289 allows remote authenticated users to perform limited actions on the set action rules function via unspecified vectors. | 4.3 |
| 2024-11-26 | CVE-2024-11680 | Incorrect Authorization vulnerability in Projectsend ProjectSend versions prior to r1720 are affected by an improper authentication vulnerability. | 9.8 |
| 2024-11-19 | CVE-2023-21270 | Incorrect Authorization vulnerability in Google Android 12.0/12.1/13.0 In restorePermissionState of PermissionManagerServiceImpl.java, there is a possible way for an app to keep permissions that should be revoked due to incorrect permission flags cleared during an update. | 7.8 |
| 2024-11-18 | CVE-2024-21287 | Incorrect Authorization vulnerability in Oracle Agile Product Lifecycle Management 9.3.6 Vulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain (component: Software Development Kit, Process Extension). | 7.5 |
| 2024-11-18 | CVE-2024-48897 | Incorrect Authorization vulnerability in Moodle A vulnerability was found in Moodle. | 4.3 |