Vulnerabilities > Incorrect Authorization

DATE CVE VULNERABILITY TITLE RISK
2022-09-29 CVE-2021-40692 Incorrect Authorization vulnerability in Moodle
Insufficient capability checks made it possible for teachers to download users outside of their courses.
network
low complexity
moodle CWE-863
4.3
2022-09-27 CVE-2022-40816 Incorrect Authorization vulnerability in Zammad 5.2.0/5.2.1
Zammad 5.2.1 is vulnerable to Incorrect Access Control.
network
low complexity
zammad CWE-863
6.5
2022-09-26 CVE-2022-3048 Incorrect Authorization vulnerability in multiple products
Inappropriate implementation in Chrome OS lockscreen in Google Chrome on Chrome OS prior to 105.0.5195.52 allowed a local attacker to bypass lockscreen navigation restrictions via physical access to the device.
low complexity
google fedoraproject CWE-863
6.8
2022-09-19 CVE-2022-0143 Incorrect Authorization vulnerability in Forgerock Ldap Connector
When the LDAP connector is started with StartTLS configured, unauthenticated access is granted.
network
low complexity
forgerock CWE-863
critical
9.8
2022-09-15 CVE-2022-36074 Incorrect Authorization vulnerability in Nextcloud Enterprise Server and Nextcloud Server
Nextcloud server is an open source personal cloud product.
network
low complexity
nextcloud CWE-863
7.5
2022-09-13 CVE-2022-36103 Incorrect Authorization vulnerability in Siderolabs Talos Linux
Talos Linux is a Linux distribution built for Kubernetes deployments.
network
low complexity
siderolabs CWE-863
8.8
2022-09-12 CVE-2022-37767 Incorrect Authorization vulnerability in Pebbletemplates Pebble Templates 3.1.5
Pebble Templates 3.1.5 allows attackers to bypass a protection mechanism and implement arbitrary code execution with springbok.
network
low complexity
pebbletemplates CWE-863
critical
9.8
2022-08-31 CVE-2022-36051 Incorrect Authorization vulnerability in Zitadel
ZITADEL combines the ease of Auth0 and the versatility of Keycloak. **Actions**, introduced in ZITADEL **1.42.0** on the API and **1.56.0** for Console, is a feature where users with role `ORG_OWNER` are able to create JavaScript code, which is invoked by the system at certain points during the login.
network
low complexity
zitadel CWE-863
8.8
2022-08-26 CVE-2021-3563 Incorrect Authorization vulnerability in multiple products
A flaw was found in openstack-keystone.
network
high complexity
openstack debian redhat CWE-863
7.4
2022-08-23 CVE-2021-3763 Incorrect Authorization vulnerability in Redhat AMQ Broker 7.8.0/7.8.1/7.8.2
A flaw was found in the Red Hat AMQ Broker management console in version 7.8 where an existing user is able to access some limited information even when the role the user is assigned to should not allow access to the management console.
network
low complexity
redhat CWE-863
4.3