Vulnerabilities > Incorrect Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-23 | CVE-2022-1132 | Incorrect Authorization vulnerability in Google Chrome Inappropriate implementation in Virtual Keyboard in Google Chrome on Chrome OS prior to 100.0.4896.60 allowed a local attacker to bypass navigation restrictions via physical access to the device. | 6.1 |
| 2022-07-20 | CVE-2022-34046 | Incorrect Authorization vulnerability in Wavlink Wn533A8 Firmware M33A8.V5030.190716 An access control issue in Wavlink WN533A8 M33A8.V5030.190716 allows attackers to obtain usernames and passwords via view-source:http://IP_ADDRESS/sysinit.shtml?r=52300 and searching for [logincheck(user);]. | 7.5 |
| 2022-07-17 | CVE-2022-26479 | Incorrect Authorization vulnerability in Poly Eagleeye Director II Firmware An issue was discovered in Poly EagleEye Director II before 2.2.2.1. | 9.8 |
| 2022-07-16 | CVE-2022-36126 | Incorrect Authorization vulnerability in Inductiveautomation Ignition An issue was discovered in Inductive Automation Ignition before 7.9.20 and 8.x before 8.1.17. | 7.2 |
| 2022-07-15 | CVE-2022-35890 | Incorrect Authorization vulnerability in Inductiveautomation Ignition An issue was discovered in Inductive Automation Ignition before 7.9.20 and 8.x before 8.1.17. | 9.8 |
| 2022-07-15 | CVE-2022-31153 | Incorrect Authorization vulnerability in Openzeppelin Contracts 0.2.0 OpenZeppelin Contracts for Cairo is a library for contract development written in Cairo for StarkNet, a decentralized ZK Rollup. | 6.5 |
| 2022-07-14 | CVE-2022-2408 | Incorrect Authorization vulnerability in Mattermost The Guest account feature in Mattermost version 6.7.0 and earlier fails to properly restrict the permissions, which allows a guest user to fetch a list of all public channels in the team, in spite of not being part of those channels. | 4.3 |
| 2022-07-11 | CVE-2022-31139 | Incorrect Authorization vulnerability in Unsafe Accessor Project Unsafe Accessor UnsafeAccessor (UA) is a bridge to access jdk.internal.misc.Unsafe & sun.misc.Unsafe. | 7.5 |
| 2022-07-11 | CVE-2022-32294 | Incorrect Authorization vulnerability in Zimbra Collaboration 8.8.15 Zimbra Collaboration Open Source 8.8.15 does not encrypt the initial-login randomly created password (from the "zmprove ca" command). | 9.8 |
| 2022-07-06 | CVE-2022-32290 | Incorrect Authorization vulnerability in Northern.Tech Mender 3.2.0/3.2.1/3.2.2 The client in Northern.tech Mender 3.2.0, 3.2.1, and 3.2.2 has Incorrect Access Control. | 4.3 |