Vulnerabilities > Incorrect Authorization
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-12-05 | CVE-2023-33071 | Incorrect Authorization vulnerability in Qualcomm products Memory corruption in Automotive OS whenever untrusted apps try to access HAb for graphics functionalities. | 7.8 |
2023-12-05 | CVE-2023-42569 | Incorrect Authorization vulnerability in Samsung Android 11.0/13.0 Improper authorization verification vulnerability in AR Emoji prior to SMR Dec-2023 Release 1 allows attackers to read sandbox data of AR Emoji. | 3.3 |
2023-12-05 | CVE-2023-42575 | Incorrect Authorization vulnerability in Samsung Pass 4.0.05.1/4.2.03.1 Improper Authentication vulnerability in Samsung Pass prior to version 4.3.00.17 allows physical attackers to bypass authentication due to invalid flag setting. | 6.8 |
2023-12-03 | CVE-2023-49947 | Incorrect Authorization vulnerability in Forgejo Forgejo before 1.20.5-1 allows 2FA bypass when docker login uses Basic Authentication. | 7.5 |
2023-12-01 | CVE-2023-42006 | Incorrect Authorization vulnerability in IBM I IBM Administration Runtime Expert for i 7.2, 7.3, 7.4, and 7.5 could allow a local user to obtain sensitive information caused by improper authority checks. | 5.5 |
2023-11-30 | CVE-2023-47827 | Incorrect Authorization vulnerability in Nicheaddons Events Addon for Elementor Incorrect Authorization vulnerability in NicheAddons Events Addon for Elementor allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Events Addon for Elementor: from n/a through 2.1.3. | 7.5 |
2023-11-27 | CVE-2023-40610 | Incorrect Authorization vulnerability in Apache Superset Improper authorization check and possible privilege escalation on Apache Superset up to but excluding 2.1.2. | 8.8 |
2023-11-24 | CVE-2023-48712 | Incorrect Authorization vulnerability in Warpgate Project Warpgate Warpgate is an open source SSH, HTTPS and MySQL bastion host for Linux. | 8.8 |
2023-11-20 | CVE-2023-48309 | Incorrect Authorization vulnerability in Nextauth.Js Next-Auth NextAuth.js provides authentication for Next.js. | 5.3 |
2023-11-20 | CVE-2023-5509 | Incorrect Authorization vulnerability in Premio Mystickymenu The myStickymenu WordPress plugin before 2.6.5 does not adequately authorize some ajax calls, allowing any logged-in user to perform the actions. | 5.4 |