Vulnerabilities > Incorrect Authorization
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-10-20 | CVE-2021-4334 | Incorrect Authorization vulnerability in Radykal Fancy Product Designer The Fancy Product Designer plugin for WordPress is vulnerable to unauthorized modification of site options due to a missing capability check on the fpd_update_options function in versions up to, and including, 4.6.9. | 8.8 |
2023-10-20 | CVE-2023-34051 | Incorrect Authorization vulnerability in VMWare Aria Operations for Logs VMware Aria Operations for Logs contains an authentication bypass vulnerability. An unauthenticated, malicious actor can inject files into the operating system of an impacted appliance which can result in remote code execution. | 9.8 |
2023-10-16 | CVE-2023-29484 | Incorrect Authorization vulnerability in Terminalfour In Terminalfour before 8.3.16, misconfigured LDAP users are able to login with an invalid password. | 6.5 |
2023-10-16 | CVE-2023-43119 | Incorrect Authorization vulnerability in Extremenetworks Exos 31.7.1/32.0 An Access Control issue discovered in Extreme Networks Switch Engine (EXOS) before 32.5.1.5, also fixed in 22.7, 31.7.2 allows attackers to gain escalated privileges using crafted telnet commands via Redis server. | 9.8 |
2023-10-13 | CVE-2023-38218 | Incorrect Authorization vulnerability in Adobe Commerce and Magento Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier) and 2.4.4-p5 (and earlier) are affected by an Incorrect Authorization . | 8.8 |
2023-10-12 | CVE-2023-40829 | Incorrect Authorization vulnerability in Tencent Enterprise Wechat Privatization 2.5.0/2.6.930000 There is an interface unauthorized access vulnerability in the background of Tencent Enterprise Wechat Privatization 2.5.x and 2.6.930000. | 7.5 |
2023-10-11 | CVE-2023-28635 | Incorrect Authorization vulnerability in Vantage6 vantage6 is privacy preserving federated learning infrastructure. | 5.4 |
2023-10-11 | CVE-2023-35653 | Incorrect Authorization vulnerability in Google Android In TBD of TBD, there is a possible way to access location information due to a permissions bypass. | 4.4 |
2023-10-11 | CVE-2023-41882 | Incorrect Authorization vulnerability in Vantage6 vantage6 is privacy preserving federated learning infrastructure. | 4.3 |
2023-10-11 | CVE-2023-5521 | Incorrect Authorization vulnerability in Kernelsu Incorrect Authorization in GitHub repository tiann/kernelsu prior to v0.6.9. | 9.8 |