Vulnerabilities > Incorrect Authorization
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-08-18 | CVE-2021-37409 | Incorrect Authorization vulnerability in Intel products Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow a privileged user to potentially enable escalation of privilege via local access. | 7.8 |
2022-08-16 | CVE-2020-14321 | Incorrect Authorization vulnerability in Moodle In Moodle before 3.9.1, 3.8.4, 3.7.7 and 3.5.13, teachers of a course were able to assign themselves the manager role within that course. | 8.8 |
2022-08-15 | CVE-2022-2354 | Incorrect Authorization vulnerability in Wp-Dbmanager Project Wp-Dbmanager The WP-DBManager WordPress plugin before 2.80.8 does not prevent administrators from running arbitrary commands on the server in multisite installations, where only super-administrators should. | 7.2 |
2022-08-08 | CVE-2022-35487 | Incorrect Authorization vulnerability in Zammad 5.2.0 Zammad 5.2.0 suffers from Incorrect Access Control. | 7.5 |
2022-08-05 | CVE-2022-2095 | Incorrect Authorization vulnerability in Gitlab An improper access control check in GitLab CE/EE affecting all versions starting from 13.7 before 15.0.5, all versions starting from 15.1 before 15.1.4, all versions starting from 15.2 before 15.2.1 allows a malicious authenticated user to view a public project's Deploy Key's public fingerprint and name when that key has write permission. | 4.3 |
2022-08-05 | CVE-2022-2326 | Incorrect Authorization vulnerability in Gitlab An issue has been discovered in GitLab CE/EE affecting all versions before 15.0.5, all versions starting from 15.1 before 15.1.4, all versions starting from 15.2 before 15.2.1. | 8.1 |
2022-08-05 | CVE-2022-2501 | Incorrect Authorization vulnerability in Gitlab An improper access control issue in GitLab EE affecting all versions from 12.0 prior to 15.0.5, 15.1 prior to 15.1.4, and 15.2 prior to 15.2.1 allows an attacker to bypass IP allow-listing and download artifacts. | 7.5 |
2022-08-03 | CVE-2022-27551 | Incorrect Authorization vulnerability in Hcltechsw HCL Launch HCL Launch could allow an authenticated user to obtain sensitive information in some instances due to improper security checking. | 6.5 |
2022-08-02 | CVE-2022-35924 | Incorrect Authorization vulnerability in Nextauth.Js Next-Auth NextAuth.js is a complete open source authentication solution for Next.js applications. | 9.1 |
2022-08-01 | CVE-2022-35921 | Incorrect Authorization vulnerability in Friendsofflarum Byobu 0.30.0 fof/byobu is a private discussions extension for Flarum forum. | 4.3 |