Vulnerabilities > Incorrect Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-02 | CVE-2022-0577 | Incorrect Authorization vulnerability in multiple products Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository scrapy/scrapy prior to 2.6.1. | 4.0 |
| 2022-02-26 | CVE-2022-0762 | Incorrect Authorization vulnerability in Microweber Incorrect Authorization in GitHub repository microweber/microweber prior to 1.3. | 4.3 |
| 2022-02-24 | CVE-2019-25058 | Incorrect Authorization vulnerability in multiple products An issue was discovered in USBGuard before 1.1.0. | 7.8 |
| 2022-02-23 | CVE-2022-0727 | Incorrect Authorization vulnerability in Framasoft Peertube Improper Access Control in GitHub repository chocobozzz/peertube prior to 4.1.0. | 5.5 |
| 2022-02-18 | CVE-2020-25722 | Incorrect Authorization vulnerability in multiple products Multiple flaws were found in the way samba AD DC implemented access and conformance checking of stored data. | 8.8 |
| 2022-02-18 | CVE-2022-21141 | Incorrect Authorization vulnerability in Airspan products MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C-series and A5x: Device versions prior to v2.5.4.1 does not perform proper authorization checks on multiple API functions. | 10.0 |
| 2022-02-18 | CVE-2022-25335 | Incorrect Authorization vulnerability in Rigoblock Drago RigoBlock Dragos through 2022-02-17 lacks the onlyOwner modifier for setMultipleAllowances. | 7.5 |
| 2022-02-18 | CVE-2022-0451 | Incorrect Authorization vulnerability in Dart Software Development KIT Dart SDK contains the HTTPClient in dart:io library whcih includes authorization headers when handling cross origin redirects. | 4.0 |
| 2022-02-18 | CVE-2022-25318 | Incorrect Authorization vulnerability in Cerebrate-Project Cerebrate An issue was discovered in Cerebrate through 1.4. | 4.3 |
| 2022-02-17 | CVE-2022-0633 | Incorrect Authorization vulnerability in Updraftplus The UpdraftPlus WordPress plugin Free before 1.22.3 and Premium before 2.22.3 do not properly validate a user has the required privileges to access a backup's nonce identifier, which may allow any users with an account on the site (such as subscriber) to download the most recent site & database backup. | 4.0 |