Vulnerabilities > Incorrect Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-17 | CVE-2022-25270 | Incorrect Authorization vulnerability in Drupal The Quick Edit module does not properly check entity access in some circumstances. | 4.0 |
| 2022-02-16 | CVE-2021-22042 | Incorrect Authorization vulnerability in VMWare Cloud Foundation and Esxi VMware ESXi contains an unauthorized access vulnerability due to VMX having access to settingsd authorization tickets. | 4.6 |
| 2022-02-14 | CVE-2022-0580 | Incorrect Authorization vulnerability in Librenms Incorrect Authorization in Packagist librenms/librenms prior to 22.2.0. | 8.8 |
| 2022-02-12 | CVE-2022-0309 | Incorrect Authorization vulnerability in Google Chrome Inappropriate implementation in Autofill in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. | 4.3 |
| 2022-02-12 | CVE-2022-0117 | Incorrect Authorization vulnerability in multiple products Policy bypass in Blink in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 6.5 |
| 2022-02-11 | CVE-2022-23998 | Incorrect Authorization vulnerability in Samsung Camera 10.5.03.77/9.0.6.68 Improper access control vulnerability in Camera prior to versions 11.1.02.16 in Android R(11), 10.5.03.77 in Android Q(10) and 9.0.6.68 in Android P(9) allows untrusted applications to take a picture in screenlock status. | 4.3 |
| 2022-02-11 | CVE-2020-13676 | Incorrect Authorization vulnerability in Drupal The QuickEdit module does not properly check access to fields in some circumstances, which can lead to unintended disclosure of field data. | 4.0 |
| 2022-02-09 | CVE-2021-39943 | Incorrect Authorization vulnerability in Gitlab An authorization logic error in the External Status Check API in GitLab EE affecting all versions starting from 14.1 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2, allowed a user to update the status of the check via an API call | 4.0 |
| 2022-02-09 | CVE-2022-23615 | Incorrect Authorization vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 5.5 |
| 2022-02-08 | CVE-2022-23627 | Incorrect Authorization vulnerability in Archisteamfarm Project Archisteamfarm ArchiSteamFarm (ASF) is a C# application with primary purpose of idling Steam cards from multiple accounts simultaneously. | 4.0 |