Vulnerabilities > Incorrect Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-05 | CVE-2022-2501 | Incorrect Authorization vulnerability in Gitlab An improper access control issue in GitLab EE affecting all versions from 12.0 prior to 15.0.5, 15.1 prior to 15.1.4, and 15.2 prior to 15.2.1 allows an attacker to bypass IP allow-listing and download artifacts. | 7.5 |
| 2022-08-03 | CVE-2022-27551 | Incorrect Authorization vulnerability in Hcltechsw HCL Launch HCL Launch could allow an authenticated user to obtain sensitive information in some instances due to improper security checking. | 6.5 |
| 2022-08-02 | CVE-2022-35924 | Incorrect Authorization vulnerability in Nextauth.Js Next-Auth NextAuth.js is a complete open source authentication solution for Next.js applications. | 9.1 |
| 2022-08-01 | CVE-2022-35921 | Incorrect Authorization vulnerability in Friendsofflarum Byobu 0.30.0 fof/byobu is a private discussions extension for Flarum forum. | 4.3 |
| 2022-08-01 | CVE-2022-31190 | Incorrect Authorization vulnerability in Duraspace Dspace DSpace open source software is a repository application which provides durable access to digital resources. | 5.3 |
| 2022-08-01 | CVE-2022-31154 | Incorrect Authorization vulnerability in Sourcegraph Sourcegraph is an opensource code search and navigation engine. | 4.3 |
| 2022-08-01 | CVE-2022-22326 | Incorrect Authorization vulnerability in IBM products IBM Datapower Gateway 10.0.2.0 through 10.0.4.0, 10.0.1.0 through 10.0.1.5, and 2018.4.1.0 through 2018.4.1.18 could allow unauthorized viewing of logs and files due to insufficient authorization checks. | 3.3 |
| 2022-08-01 | CVE-2022-35716 | Incorrect Authorization vulnerability in IBM Urbancode Deploy IBM UrbanCode Deploy (UCD) 6.2.0.0 through 6.2.7.16, 7.0.0.0 through 7.0.5.11, 7.1.0.0 through 7.1.2.7, and 7.2.0.0 through 7.2.3.0 could allow an authenticated user to obtain sensitive information in some instances due to improper security checking. | 6.5 |
| 2022-07-26 | CVE-2022-1499 | Incorrect Authorization vulnerability in Google Chrome Inappropriate implementation in WebAuthentication in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to bypass same origin policy via a crafted HTML page. | 6.3 |
| 2022-07-25 | CVE-2022-1309 | Incorrect Authorization vulnerability in Google Chrome Insufficient policy enforcement in developer tools in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. | 9.6 |