Vulnerabilities > Incorrect Authorization

DATE CVE VULNERABILITY TITLE RISK
2022-10-14 CVE-2022-39302 Incorrect Authorization vulnerability in Ree6
Ree6 is a moderation bot.
network
low complexity
ree6 CWE-863
5.4
2022-10-10 CVE-2022-42724 Incorrect Authorization vulnerability in Misp-Project Malware Information Sharing Platform
app/Controller/UsersController.php in MISP before 2.4.164 allows attackers to discover role names (this is information that only the site admin should have).
network
low complexity
misp-project CWE-863
4.3
2022-10-07 CVE-2022-41574 Incorrect Authorization vulnerability in Gradle Enterprise
An access-control vulnerability in Gradle Enterprise 2022.4 through 2022.3.1 allows remote attackers to prevent backups from occurring, and send emails with arbitrary text content to the configured installation-administrator contact address, via HTTP access to an accidentally exposed internal endpoint.
network
low complexity
gradle CWE-863
7.5
2022-10-07 CVE-2022-36634 Incorrect Authorization vulnerability in Zkteco Zkbiosecurity V5000 3.0.5.0R
An access control issue in ZKTeco ZKBioSecurity V5000 3.0.5_r allows attackers to arbitrarily create admin users via a crafted HTTP request.
network
low complexity
zkteco CWE-863
8.8
2022-10-06 CVE-2022-31252 Incorrect Authorization vulnerability in multiple products
An Incorrect Authorization vulnerability in chkstat of SUSE Linux Enterprise Server 12-SP5; openSUSE Leap 15.3, openSUSE Leap 15.4, openSUSE Leap Micro 5.2 did not consider group writable path components, allowing local attackers with access to a group that can write to a location included in the path to a privileged binary to influence path resolution.
local
low complexity
suse opensuse CWE-863
4.4
2022-10-06 CVE-2022-39275 Incorrect Authorization vulnerability in Saleor
Saleor is a headless, GraphQL commerce platform.
network
low complexity
saleor CWE-863
4.3
2022-09-29 CVE-2021-40692 Incorrect Authorization vulnerability in Moodle
Insufficient capability checks made it possible for teachers to download users outside of their courses.
network
low complexity
moodle CWE-863
4.3
2022-09-28 CVE-2022-39029 Incorrect Authorization vulnerability in Lcnet Smart Evision 2022.02.21
Smart eVision has inadequate authorization for the database query function.
network
low complexity
lcnet CWE-863
6.5
2022-09-28 CVE-2022-39030 Incorrect Authorization vulnerability in Lcnet Smart Evision 2022.02.21
Smart eVision has inadequate authorization for the system information query function.
network
low complexity
lcnet CWE-863
7.5
2022-09-28 CVE-2022-39031 Incorrect Authorization vulnerability in Lcnet Smart Evision 2022.02.21
Smart eVision has insufficient authorization for the task acquisition function.
network
low complexity
lcnet CWE-863
5.3