Vulnerabilities > Incorrect Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-08 | CVE-2022-46792 | Incorrect Authorization vulnerability in Hasura Graphql Engine Hasura GraphQL Engine before 2.15.2 mishandles row-level authorization in the Update Many API for Postgres backends. | 8.8 |
| 2022-12-05 | CVE-2022-44039 | Incorrect Authorization vulnerability in Franklinfueling Colibri Firmware 1.9.22.8925 Franklin Fueling System FFS Colibri 1.9.22.8925 is affected by: File system overwrite. | 9.8 |
| 2022-12-05 | CVE-2022-46169 | Incorrect Authorization vulnerability in Cacti Cacti is an open source platform which provides a robust and extensible operational monitoring and fault management framework for users. | 9.8 |
| 2022-12-05 | CVE-2022-43515 | Incorrect Authorization vulnerability in Zabbix Frontend Zabbix Frontend provides a feature that allows admins to maintain the installation and ensure that only certain IP addresses can access it. | 9.8 |
| 2022-12-02 | CVE-2022-46167 | Incorrect Authorization vulnerability in Clastix Capsule Capsule is a multi-tenancy and policy-based framework for Kubernetes. | 8.8 |
| 2022-12-01 | CVE-2022-41970 | Incorrect Authorization vulnerability in Nextcloud Server Nextcloud Server is an open source personal cloud server. | 5.3 |
| 2022-11-28 | CVE-2022-24189 | Incorrect Authorization vulnerability in Sz-Fujia Ourphoto 1.4.1 The user_token authorization header on the Ourphoto App version 1.4.1 /apiv1/* end-points is not implemented properly. | 6.5 |
| 2022-11-28 | CVE-2022-41944 | Incorrect Authorization vulnerability in Discourse Discourse is an open-source discussion platform. | 4.3 |
| 2022-11-23 | CVE-2022-41923 | Incorrect Authorization vulnerability in Grails Spring Security Core Grails Spring Security Core plugin is vulnerable to privilege escalation. | 9.8 |
| 2022-11-17 | CVE-2022-36785 | Incorrect Authorization vulnerability in Dlink G Integrated Access Device4 Firmware 1.0 D-Link – G integrated Access Device4 Information Disclosure & Authorization Bypass. *Information Disclosure – file contains a URL with private IP at line 15 "login.asp" A. | 7.5 |