Vulnerabilities > Incorrect Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-30 | CVE-2024-47172 | Incorrect Authorization vulnerability in Cvat Computer Vision Annotation Tool Computer Vision Annotation Tool (CVAT) is an interactive video and image annotation tool for computer vision. | 5.4 |
| 2024-09-26 | CVE-2024-8974 | Incorrect Authorization vulnerability in Gitlab Information disclosure in Gitlab EE/CE affecting all versions from 15.6 prior to 17.2.8, 17.3 prior to 17.3.4, and 17.4 prior to 17.4.1 in specific conditions it was possible to disclose to an unauthorised user the path of a private project." | 4.3 |
| 2024-09-26 | CVE-2024-7108 | Incorrect Authorization vulnerability in Nationalkeep Cybermath 1.4 Incorrect Authorization vulnerability in National Keep Cyber Security Services CyberMath allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects CyberMath: before CYBM.240816253. | 9.8 |
| 2024-09-25 | CVE-2024-20510 | Incorrect Authorization vulnerability in Cisco IOS XE A vulnerability in the Central Web Authentication (CWA) feature of Cisco IOS XE Software for Wireless Controllers could allow an unauthenticated, adjacent attacker to bypass the pre-authentication access control list (ACL), which could allow access to network resources before user authentication. This vulnerability is due to a logic error when activating the pre-authentication ACL that is received from the authentication, authorization, and accounting (AAA) server. | 9.3 |
| 2024-09-25 | CVE-2024-47078 | Incorrect Authorization vulnerability in Meshtastic Firmware Meshtastic is an open source, off-grid, decentralized, mesh network. | 9.8 |
| 2024-09-25 | CVE-2024-6512 | Incorrect Authorization vulnerability in Devolutions Server Authorization bypass in the PAM access request approval mechanism in Devolutions Server 2024.2.10 and earlier allows authenticated users with permissions to approve their own requests, bypassing intended security restrictions, via the PAM access request approval mechanism. | 6.5 |
| 2024-09-25 | CVE-2024-6592 | Incorrect Authorization vulnerability in Watchguard Authentication Gateway and Single Sign-On Client Incorrect Authorization vulnerability in the protocol communication between the WatchGuard Authentication Gateway (aka Single Sign-On Agent) on Windows and the WatchGuard Single Sign-On Client on Windows and MacOS allows Authentication Bypass.This issue affects the Authentication Gateway: through 12.10.2; Windows Single Sign-On Client: through 12.7; MacOS Single Sign-On Client: through 12.5.4. | 9.1 |
| 2024-09-25 | CVE-2024-6593 | Incorrect Authorization vulnerability in Watchguard Authentication Gateway Incorrect Authorization vulnerability in WatchGuard Authentication Gateway (aka Single Sign-On Agent) on Windows allows an attacker with network access to execute restricted management commands. This issue affects Authentication Gateway: through 12.10.2. | 9.1 |
| 2024-09-23 | CVE-2024-8606 | Incorrect Authorization vulnerability in Checkmk 2.2.0/2.3.0 Bypass of two factor authentication in RestAPI in Checkmk < 2.3.0p16 and < 2.2.0p34 allows authenticated users to bypass two factor authentication | 8.8 |
| 2024-09-20 | CVE-2024-47060 | Incorrect Authorization vulnerability in Zitadel Zitadel is an open source identity management platform. | 6.5 |