Vulnerabilities > Incorrect Authorization

DATE CVE VULNERABILITY TITLE RISK
2022-03-23 CVE-2022-24730 Incorrect Authorization vulnerability in Argoproj Argo CD
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes.
network
low complexity
argoproj CWE-863
6.5
2022-03-23 CVE-2022-0981 Incorrect Authorization vulnerability in Quarkus
A flaw was found in Quarkus.
network
low complexity
quarkus CWE-863
8.8
2022-03-13 CVE-2022-24128 Incorrect Authorization vulnerability in Timescale Timescaledb
Timescale TimescaleDB 1.x and 2.x before 2.5.2 may allow privilege escalation during extension installation.
network
low complexity
timescale CWE-863
8.0
2022-03-10 CVE-2021-41233 Incorrect Authorization vulnerability in Nextcloud Server
Nextcloud text is a collaborative document editing using Markdown built for the nextcloud server.
network
low complexity
nextcloud CWE-863
5.3
2022-03-10 CVE-2022-24609 Incorrect Authorization vulnerability in Luocms Project Luocms 2.0
Luocms v2.0 is affected by an incorrect access control vulnerability.
network
low complexity
luocms-project CWE-863
critical
9.8
2022-03-09 CVE-2022-24748 Incorrect Authorization vulnerability in Shopware
Shopware is an open commerce platform based on the Symfony php Framework and the Vue javascript framework.
network
low complexity
shopware CWE-863
7.5
2022-03-07 CVE-2021-24824 Incorrect Authorization vulnerability in Custom Content Shortcode Project Custom Content Shortcode
The [field] shortcode included with the Custom Content Shortcode WordPress plugin before 4.0.1, allows authenticated users with a role as low as contributor, to access arbitrary post metadata.
network
low complexity
custom-content-shortcode-project CWE-863
4.3
2022-03-02 CVE-2021-3658 Incorrect Authorization vulnerability in multiple products
bluetoothd from bluez incorrectly saves adapters' Discoverable status when a device is powered down, and restores it when powered up.
low complexity
bluez fedoraproject CWE-863
6.5
2022-03-02 CVE-2022-24306 Incorrect Authorization vulnerability in Zohocorp Manageengine Sharepoint Manager Plus
Zoho ManageEngine SharePoint Manager Plus before 4329 allows account takeover because authorization is mishandled.
network
low complexity
zohocorp CWE-863
critical
9.8
2022-03-02 CVE-2022-0577 Incorrect Authorization vulnerability in multiple products
Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository scrapy/scrapy prior to 2.6.1.
network
low complexity
scrapy debian CWE-863
6.5