Vulnerabilities > Incorrect Authorization

DATE CVE VULNERABILITY TITLE RISK
2023-02-07 CVE-2022-45544 Incorrect Authorization vulnerability in Schlix CMS 2.2.72
Insecure Permission vulnerability in Schlix Web Inc SCHLIX CMS 2.2.7-2 allows an attacker to upload arbitrary files and execute arbitrary code via the tristao parameter.
network
low complexity
schlix CWE-863
8.8
2023-02-07 CVE-2023-23696 Incorrect Authorization vulnerability in Dell Command | Intel vPro Out of Band
Dell Command Intel vPro Out of Band, versions prior to 4.3.1, contain an Improper Authorization vulnerability.
local
low complexity
dell CWE-863
7.8
2023-02-03 CVE-2023-24029 Incorrect Authorization vulnerability in Progress WS_FTP Server
In Progress WS_FTP Server before 8.8, it is possible for a host administrator to elevate their privileges via the administrative interface due to insufficient authorization controls applied on user modification workflows.
network
low complexity
progress CWE-863
7.2
2023-02-01 CVE-2023-23751 Incorrect Authorization vulnerability in Joomla Joomla!
An issue was discovered in Joomla! 4.0.0 through 4.2.4.
network
low complexity
joomla CWE-863
4.3
2023-02-01 CVE-2022-47002 Incorrect Authorization vulnerability in Masacms
A vulnerability in the Remember Me function of Masa CMS v7.2, 7.3, and 7.4-beta allows attackers to bypass authentication via a crafted web request.
network
low complexity
masacms CWE-863
critical
9.8
2023-02-01 CVE-2023-23924 Incorrect Authorization vulnerability in Dompdf Project Dompdf 2.0.1
Dompdf is an HTML to PDF converter.
network
low complexity
dompdf-project CWE-863
critical
9.8
2023-01-31 CVE-2022-45172 Incorrect Authorization vulnerability in Liveboxcloud Vdesk 018
An issue was discovered in LIVEBOX Collaboration vDesk before v018.
network
low complexity
liveboxcloud CWE-863
critical
9.8
2023-01-31 CVE-2023-22610 Incorrect Authorization vulnerability in Schneider-Electric products
A CWE-863: Incorrect Authorization vulnerability exists that could cause Denial of Service against the Geo SCADA server when specific messages are sent to the server over the database server TCP port.
network
low complexity
schneider-electric CWE-863
7.5
2023-01-31 CVE-2022-45435 Incorrect Authorization vulnerability in Sailpoint Identityiq
IdentityIQ 8.3 and all 8.3 patch levels prior to 8.3p2, IdentityIQ 8.2 and all 8.2 patch levels prior to 8.2p5, IdentityIQ 8.1 and all 8.1 patch levels prior to 8.1p7, IdentityIQ 8.0 and all 8.0 patch levels prior to 8.0p6, and all prior versions allow authenticated users assigned the Identity Administrator capability or any custom capability that contains the SetIdentityForwarding right to modify the work item forwarding configuration for identities other than the ones that should be allowed by Lifecycle Manager Quicklink Population configuration.
network
low complexity
sailpoint CWE-863
6.5
2023-01-31 CVE-2023-24829 Incorrect Authorization vulnerability in Apache Iotdb
Incorrect Authorization vulnerability in Apache Software Foundation Apache IoTDB. This issue affects the iotdb-web-workbench component from 0.13.0 before 0.13.3.
network
low complexity
apache CWE-863
8.8