Vulnerabilities > Incorrect Authorization

DATE	CVE	VULNERABILITY TITLE	RISK
2022-03-23	CVE-2022-24730	Incorrect Authorization vulnerability in Argoproj Argo CD Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. network low complexity argoproj CWE-863	6.5
2022-03-23	CVE-2022-0981	Incorrect Authorization vulnerability in Quarkus A flaw was found in Quarkus. network low complexity quarkus CWE-863	8.8
2022-03-13	CVE-2022-24128	Incorrect Authorization vulnerability in Timescale Timescaledb Timescale TimescaleDB 1.x and 2.x before 2.5.2 may allow privilege escalation during extension installation. network low complexity timescale CWE-863	8.0
2022-03-10	CVE-2021-41233	Incorrect Authorization vulnerability in Nextcloud Server Nextcloud text is a collaborative document editing using Markdown built for the nextcloud server. network low complexity nextcloud CWE-863	5.3
2022-03-10	CVE-2022-24609	Incorrect Authorization vulnerability in Luocms Project Luocms 2.0 Luocms v2.0 is affected by an incorrect access control vulnerability. network low complexity luocms-project CWE-863 critical	9.8
2022-03-09	CVE-2022-24748	Incorrect Authorization vulnerability in Shopware Shopware is an open commerce platform based on the Symfony php Framework and the Vue javascript framework. network low complexity shopware CWE-863	7.5
2022-03-07	CVE-2021-24824	Incorrect Authorization vulnerability in Custom Content Shortcode Project Custom Content Shortcode The [field] shortcode included with the Custom Content Shortcode WordPress plugin before 4.0.1, allows authenticated users with a role as low as contributor, to access arbitrary post metadata. network low complexity custom-content-shortcode-project CWE-863	4.3
2022-03-02	CVE-2021-3658	Incorrect Authorization vulnerability in multiple products bluetoothd from bluez incorrectly saves adapters' Discoverable status when a device is powered down, and restores it when powered up. low complexity bluez fedoraproject CWE-863	6.5
2022-03-02	CVE-2022-24306	Incorrect Authorization vulnerability in Zohocorp Manageengine Sharepoint Manager Plus Zoho ManageEngine SharePoint Manager Plus before 4329 allows account takeover because authorization is mishandled. network low complexity zohocorp CWE-863 critical	9.8
2022-03-02	CVE-2022-0577	Incorrect Authorization vulnerability in multiple products Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository scrapy/scrapy prior to 2.6.1. network low complexity scrapy debian CWE-863	6.5

Vulnerabilities > Incorrect Authorization {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Incorrect Authorization"}]}

Vulnerabilities > Incorrect Authorization