Vulnerabilities > Incorrect Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-05 | CVE-2022-2326 | Incorrect Authorization vulnerability in Gitlab An issue has been discovered in GitLab CE/EE affecting all versions before 15.0.5, all versions starting from 15.1 before 15.1.4, all versions starting from 15.2 before 15.2.1. | 8.1 |
| 2022-08-05 | CVE-2022-2501 | Incorrect Authorization vulnerability in Gitlab An improper access control issue in GitLab EE affecting all versions from 12.0 prior to 15.0.5, 15.1 prior to 15.1.4, and 15.2 prior to 15.2.1 allows an attacker to bypass IP allow-listing and download artifacts. | 7.5 |
| 2022-08-03 | CVE-2022-27551 | Incorrect Authorization vulnerability in Hcltechsw HCL Launch HCL Launch could allow an authenticated user to obtain sensitive information in some instances due to improper security checking. | 6.5 |
| 2022-08-02 | CVE-2022-35924 | Incorrect Authorization vulnerability in Nextauth.Js Next-Auth NextAuth.js is a complete open source authentication solution for Next.js applications. | 9.1 |
| 2022-08-01 | CVE-2022-35921 | Incorrect Authorization vulnerability in Friendsofflarum Byobu 0.30.0 fof/byobu is a private discussions extension for Flarum forum. | 4.3 |
| 2022-08-01 | CVE-2022-31190 | Incorrect Authorization vulnerability in Duraspace Dspace DSpace open source software is a repository application which provides durable access to digital resources. | 5.3 |
| 2022-08-01 | CVE-2022-31154 | Incorrect Authorization vulnerability in Sourcegraph Sourcegraph is an opensource code search and navigation engine. | 4.3 |
| 2022-08-01 | CVE-2022-31155 | Incorrect Authorization vulnerability in Sourcegraph Sourcegraph is an opensource code search and navigation engine. | 4.3 |
| 2022-08-01 | CVE-2022-31178 | Incorrect Authorization vulnerability in Elabftw eLabFTW is an electronic lab notebook manager for research teams. | 4.3 |
| 2022-08-01 | CVE-2022-22326 | Incorrect Authorization vulnerability in IBM products IBM Datapower Gateway 10.0.2.0 through 10.0.4.0, 10.0.1.0 through 10.0.1.5, and 2018.4.1.0 through 2018.4.1.18 could allow unauthorized viewing of logs and files due to insufficient authorization checks. | 3.3 |