Vulnerabilities > Incorrect Authorization
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-03-30 | CVE-2022-1177 | Incorrect Authorization vulnerability in Open-Emr Openemr Accounting User Can Download Patient Reports in openemr in GitHub repository openemr/openemr prior to 6.1.0. | 4.0 |
2022-03-30 | CVE-2020-24771 | Incorrect Authorization vulnerability in Nexusphp 1.5 Incorrect access control in NexusPHP 1.5.beta5.20120707 allows unauthorized attackers to access published content. | 7.5 |
2022-03-28 | CVE-2021-39876 | Incorrect Authorization vulnerability in Gitlab In all versions of GitLab CE/EE since version 11.3, the endpoint for auto-completing Assignee discloses the members of private groups. | 4.0 |
2022-03-28 | CVE-2022-0720 | Incorrect Authorization vulnerability in Tms-Outsource Amelia 1.0.46 The Amelia WordPress plugin before 1.0.47 does not have proper authorisation when managing appointments, allowing any customer to update other's booking, as well as retrieve sensitive information about the bookings, such as the full name and phone number of the person who booked it. | 5.5 |
2022-03-25 | CVE-2022-24783 | Incorrect Authorization vulnerability in Deno Deno is a runtime for JavaScript and TypeScript. | 10.0 |
2022-03-25 | CVE-2021-20290 | Incorrect Authorization vulnerability in Theforeman Openscap An improper authorization handling flaw was found in Foreman. | 3.6 |
2022-03-25 | CVE-2022-24778 | Incorrect Authorization vulnerability in multiple products The imgcrypt library provides API exensions for containerd to support encrypted container images and implements the ctd-decoder command line tool for use by containerd to decrypt encrypted container images. | 7.5 |
2022-03-24 | CVE-2022-26629 | Incorrect Authorization vulnerability in Splus Soroushplus 1.0.30 An Access Control vulnerability exists in SoroushPlus+ Messenger 1.0.30 in the Lock Screen Security Feature function due to insufficient permissions and privileges, which allows a malicious attacker bypass the lock screen function. | 6.4 |
2022-03-23 | CVE-2022-24730 | Incorrect Authorization vulnerability in Linuxfoundation Argo-Cd Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. | 6.5 |
2022-03-23 | CVE-2022-0981 | Incorrect Authorization vulnerability in Quarkus A flaw was found in Quarkus. | 6.5 |