Vulnerabilities > Incorrect Authorization

DATE	CVE	VULNERABILITY TITLE	RISK
2024-12-27	CVE-2020-9081	Incorrect Authorization vulnerability in Huawei products There is an improper authorization vulnerability in some Huawei smartphones. low complexity huawei CWE-863	6.8
2024-12-20	CVE-2024-56348	Incorrect Authorization vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2024.12 improper access control allowed viewing details of unauthorized agents network low complexity jetbrains CWE-863	4.3
2024-12-20	CVE-2024-56350	Incorrect Authorization vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2024.12 build credentials allowed unauthorized viewing of projects network low complexity jetbrains CWE-863	4.3
2024-12-20	CVE-2024-12831	Incorrect Authorization vulnerability in Arista NG Firewall 17.1.1 Arista NG Firewall uvm_login Incorrect Authorization Privilege Escalation Vulnerability. local low complexity arista CWE-863	7.8
2024-12-17	CVE-2024-12539	Incorrect Authorization vulnerability in Elastic Elasticsearch 8.16.0/8.16.1 An issue was discovered where improper authorization controls affected certain queries that could allow a malicious actor to circumvent Document Level Security in Elasticsearch and get access to documents that their roles would normally not allow. network low complexity elastic CWE-863	6.5
2024-12-17	CVE-2024-9654	Incorrect Authorization vulnerability in Awesomemotive Easy Digital Downloads The Easy Digital Downloads plugin for WordPress is vulnerable to Improper Authorization in versions 3.1 through 3.3.4. network high complexity awesomemotive CWE-863	3.7
2024-12-12	CVE-2024-55662	Incorrect Authorization vulnerability in Xwiki XWiki Platform is a generic wiki platform. network low complexity xwiki CWE-863	8.8
2024-12-12	CVE-2024-55633	Incorrect Authorization vulnerability in Apache Superset Improper Authorization vulnerability in Apache Superset. network low complexity apache CWE-863	6.5
2024-12-09	CVE-2024-53949	Incorrect Authorization vulnerability in Apache Superset Improper Authorization vulnerability in Apache Superset when FAB_ADD_SECURITY_API is enabled (disabled by default). network low complexity apache CWE-863	6.5
2024-12-04	CVE-2023-52943	Incorrect Authorization vulnerability in Synology Surveillance Station Incorrect authorization vulnerability in Alert.Setting webapi component in Synology Surveillance Station before 9.2.0-11289 and 9.2.0-9289 allows remote authenticated users to to perform limited actions on the alerting function via unspecified vectors. network low complexity synology CWE-863	4.3

Vulnerabilities > Incorrect Authorization {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Incorrect Authorization"}]}

Vulnerabilities > Incorrect Authorization