Vulnerabilities > Incorrect Authorization
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-12-14 | CVE-2023-45185 | Incorrect Authorization vulnerability in IBM I Access Client Solutions IBM i Access Client Solutions 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.3 could allow an attacker to execute remote code. | 8.8 |
2023-12-12 | CVE-2023-49273 | Incorrect Authorization vulnerability in Umbraco CMS Umbraco is an ASP.NET content management system (CMS). | 5.4 |
2023-12-12 | CVE-2020-10676 | Incorrect Authorization vulnerability in Suse Rancher In Rancher 2.x before 2.6.13 and 2.7.x before 2.7.4, an incorrectly applied authorization check allows users who have certain access to a namespace to move that namespace to a different project. | 8.8 |
2023-12-12 | CVE-2023-48227 | Incorrect Authorization vulnerability in Umbraco CMS Umbraco is an ASP.NET content management system (CMS). | 4.3 |
2023-12-12 | CVE-2023-6542 | Incorrect Authorization vulnerability in SAP Emarsys SDK 3.6.2 Due to lack of proper authorization checks in Emarsys SDK for Android, an attacker can call a particular activity and can forward himself web pages and/or deep links without any validation directly from the host application. | 7.1 |
2023-12-12 | CVE-2023-36646 | Incorrect Authorization vulnerability in Prolion Cryptospike 3.0.15 Incorrect user role checking in multiple REST API endpoints in ProLion CryptoSpike 3.0.15P2 allows a remote attacker with low privileges to execute privileged functions and achieve privilege escalation via REST API endpoint invocation. | 8.8 |
2023-12-10 | CVE-2023-50457 | Incorrect Authorization vulnerability in Zammad 6.1.0/6.2.0 An issue was discovered in Zammad before 6.2.0. | 4.3 |
2023-12-06 | CVE-2023-48859 | Incorrect Authorization vulnerability in Totolink A3002Ru Firmware 2.0.0B20190902.1958 TOTOLINK A3002RU version 2.0.0-B20190902.1958 has a post-authentication RCE due to incorrect access control, allows attackers to bypass front-end security restrictions and execute arbitrary code. | 8.8 |
2023-12-06 | CVE-2023-49239 | Incorrect Authorization vulnerability in Huawei Emui and Harmonyos Unauthorized access vulnerability in the card management module. | 7.5 |
2023-12-06 | CVE-2023-49240 | Incorrect Authorization vulnerability in Huawei Emui and Harmonyos Unauthorized access vulnerability in the launcher module. | 7.5 |