Vulnerabilities > Incorrect Authorization

DATE CVE VULNERABILITY TITLE RISK
2022-03-30 CVE-2021-3456 Incorrect Authorization vulnerability in Theforeman Smart Proxy Salt
An improper authorization handling flaw was found in Foreman.
local
low complexity
theforeman CWE-863
7.1
2022-03-30 CVE-2022-1177 Incorrect Authorization vulnerability in Open-Emr Openemr
Accounting User Can Download Patient Reports in openemr in GitHub repository openemr/openemr prior to 6.1.0.
network
low complexity
open-emr CWE-863
4.3
2022-03-30 CVE-2020-24771 Incorrect Authorization vulnerability in Nexusphp 1.5
Incorrect access control in NexusPHP 1.5.beta5.20120707 allows unauthorized attackers to access published content.
network
low complexity
nexusphp CWE-863
7.5
2022-03-28 CVE-2021-39876 Incorrect Authorization vulnerability in Gitlab
In all versions of GitLab CE/EE since version 11.3, the endpoint for auto-completing Assignee discloses the members of private groups.
network
low complexity
gitlab CWE-863
4.3
2022-03-25 CVE-2022-24783 Incorrect Authorization vulnerability in Deno
Deno is a runtime for JavaScript and TypeScript.
network
low complexity
deno CWE-863
critical
10.0
2022-03-25 CVE-2021-20290 Incorrect Authorization vulnerability in Theforeman Openscap
An improper authorization handling flaw was found in Foreman.
local
low complexity
theforeman CWE-863
6.1
2022-03-25 CVE-2022-24778 Incorrect Authorization vulnerability in multiple products
The imgcrypt library provides API extensions for containerd to support encrypted container images and implements the ctd-decoder command line tool for use by containerd to decrypt encrypted container images.
network
low complexity
linuxfoundation fedoraproject CWE-863
7.5
2022-03-24 CVE-2022-26629 Incorrect Authorization vulnerability in Splus Soroushplus 1.0.30
An Access Control vulnerability exists in SoroushPlus+ Messenger 1.0.30 in the Lock Screen Security Feature function due to insufficient permissions and privileges, which allows a malicious attacker to bypass the lock screen function.
network
low complexity
splus CWE-863
critical
9.1
2022-03-23 CVE-2022-24730 Incorrect Authorization vulnerability in Argoproj Argo CD
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes.
network
low complexity
argoproj CWE-863
6.5
2022-03-23 CVE-2022-0981 Incorrect Authorization vulnerability in Quarkus
A flaw was found in Quarkus.
network
low complexity
quarkus CWE-863
8.8