Vulnerabilities > Incorrect Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-23 | CVE-2022-0727 | Incorrect Authorization vulnerability in Framasoft Peertube Improper Access Control in GitHub repository chocobozzz/peertube prior to 4.1.0. | 5.4 |
| 2022-02-18 | CVE-2020-25722 | Incorrect Authorization vulnerability in multiple products Multiple flaws were found in the way samba AD DC implemented access and conformance checking of stored data. | 8.8 |
| 2022-02-18 | CVE-2022-21141 | Incorrect Authorization vulnerability in Airspan products MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C-series and A5x: Device versions prior to v2.5.4.1 does not perform proper authorization checks on multiple API functions. | 9.8 |
| 2022-02-18 | CVE-2022-25335 | Incorrect Authorization vulnerability in Rigoblock Drago RigoBlock Dragos through 2022-02-17 lacks the onlyOwner modifier for setMultipleAllowances. | 7.5 |
| 2022-02-18 | CVE-2022-0451 | Incorrect Authorization vulnerability in Dart Software Development KIT Dart SDK contains the HTTPClient in dart:io library whcih includes authorization headers when handling cross origin redirects. | 6.5 |
| 2022-02-18 | CVE-2022-25318 | Incorrect Authorization vulnerability in Cerebrate-Project Cerebrate An issue was discovered in Cerebrate through 1.4. | 4.3 |
| 2022-02-17 | CVE-2022-0633 | Incorrect Authorization vulnerability in Updraftplus The UpdraftPlus WordPress plugin Free before 1.22.3 and Premium before 2.22.3 do not properly validate a user has the required privileges to access a backup's nonce identifier, which may allow any users with an account on the site (such as subscriber) to download the most recent site & database backup. | 6.5 |
| 2022-02-17 | CVE-2022-25270 | Incorrect Authorization vulnerability in Drupal The Quick Edit module does not properly check entity access in some circumstances. | 6.5 |
| 2022-02-16 | CVE-2021-22042 | Incorrect Authorization vulnerability in VMWare Cloud Foundation and Esxi VMware ESXi contains an unauthorized access vulnerability due to VMX having access to settingsd authorization tickets. | 7.8 |
| 2022-02-14 | CVE-2022-0580 | Incorrect Authorization vulnerability in Librenms Incorrect Authorization in Packagist librenms/librenms prior to 22.2.0. | 8.8 |