Vulnerabilities > Incorrect Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-02 | CVE-2021-36778 | Incorrect Authorization vulnerability in Suse Rancher A Incorrect Authorization vulnerability in SUSE Rancher allows administrators of third-party repositories to gather credentials that are sent to their servers. | 7.5 |
| 2022-04-29 | CVE-2022-0984 | Incorrect Authorization vulnerability in multiple products Users with the capability to configure badge criteria (teachers and managers by default) were able to configure course badges with profile field criteria, which should only be available for site badges. | 4.0 |
| 2022-04-29 | CVE-2022-0985 | Incorrect Authorization vulnerability in Moodle Insufficient capability checks could allow users with the moodle/site:uploadusers capability to delete users, without having the necessary moodle/user:delete capability. | 4.3 |
| 2022-04-27 | CVE-2022-23822 | Incorrect Authorization vulnerability in Xilinx Zynq-7000 Firmware and Zynq-7000S Firmware In this physical attack, an attacker may potentially exploit the Zynq-7000 SoC First Stage Boot Loader (FSBL) by bypassing authentication and loading a malicious image onto the device. | 4.4 |
| 2022-04-26 | CVE-2022-1466 | Incorrect Authorization vulnerability in Redhat Keycloak Due to improper authorization, Red Hat Single Sign-On is vulnerable to users performing actions that they should not be allowed to perform. | 4.0 |
| 2022-04-21 | CVE-2020-14121 | Incorrect Authorization vulnerability in MI APP Store 4.12.2 A business logic vulnerability exists in Mi App Store. | 2.1 |
| 2022-04-20 | CVE-2022-24865 | Incorrect Authorization vulnerability in Humhub HumHub is an Open Source Enterprise Social Network. | 4.0 |
| 2022-04-19 | CVE-2022-27055 | Incorrect Authorization vulnerability in Ecjia Daojia 1.38.120210202629 ecjia-daojia 1.38.1-20210202629 is vulnerable to information leakage via content/apps/installer/classes/Helper.php. | 7.5 |
| 2022-04-18 | CVE-2022-24841 | Incorrect Authorization vulnerability in Fleetdm Fleet fleetdm/fleet is an open source device management, built on osquery. | 5.5 |
| 2022-04-18 | CVE-2020-25167 | Incorrect Authorization vulnerability in Osisoft PI Vision OSIsoft PI Vision 2020 versions prior to 3.5.0 could disclose information to a user with insufficient privileges for an AF attribute. | 4.0 |