Vulnerabilities > Incorrect Authorization

DATE	CVE	VULNERABILITY TITLE	RISK
2023-10-20	CVE-2021-4334	Incorrect Authorization vulnerability in Radykal Fancy Product Designer The Fancy Product Designer plugin for WordPress is vulnerable to unauthorized modification of site options due to a missing capability check on the fpd_update_options function in versions up to, and including, 4.6.9. network low complexity radykal CWE-863	8.8
2023-10-20	CVE-2023-34051	Incorrect Authorization vulnerability in VMWare Aria Operations for Logs VMware Aria Operations for Logs contains an authentication bypass vulnerability. An unauthenticated, malicious actor can inject files into the operating system of an impacted appliance which can result in remote code execution. network low complexity vmware CWE-863 critical	9.8
2023-10-16	CVE-2023-29484	Incorrect Authorization vulnerability in Terminalfour In Terminalfour before 8.3.16, misconfigured LDAP users are able to login with an invalid password. network low complexity terminalfour CWE-863	6.5
2023-10-16	CVE-2023-43119	Incorrect Authorization vulnerability in Extremenetworks Exos 31.7.1/32.0 An Access Control issue discovered in Extreme Networks Switch Engine (EXOS) before 32.5.1.5, also fixed in 22.7, 31.7.2 allows attackers to gain escalated privileges using crafted telnet commands via Redis server. network low complexity extremenetworks CWE-863 critical	9.8
2023-10-13	CVE-2023-38218	Incorrect Authorization vulnerability in Adobe Commerce and Magento Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier) and 2.4.4-p5 (and earlier) are affected by an Incorrect Authorization . network low complexity adobe CWE-863	8.8
2023-10-12	CVE-2023-40829	Incorrect Authorization vulnerability in Tencent Enterprise Wechat Privatization 2.5.0/2.6.930000 There is an interface unauthorized access vulnerability in the background of Tencent Enterprise Wechat Privatization 2.5.x and 2.6.930000. network low complexity tencent CWE-863	7.5
2023-10-11	CVE-2023-28635	Incorrect Authorization vulnerability in Vantage6 vantage6 is privacy preserving federated learning infrastructure. network low complexity vantage6 CWE-863	5.4
2023-10-11	CVE-2023-35653	Incorrect Authorization vulnerability in Google Android In TBD of TBD, there is a possible way to access location information due to a permissions bypass. local low complexity google CWE-863	4.4
2023-10-11	CVE-2023-41882	Incorrect Authorization vulnerability in Vantage6 vantage6 is privacy preserving federated learning infrastructure. network low complexity vantage6 CWE-863	4.3
2023-10-11	CVE-2023-5521	Incorrect Authorization vulnerability in Kernelsu Incorrect Authorization in GitHub repository tiann/kernelsu prior to v0.6.9. network low complexity kernelsu CWE-863 critical	9.8

Vulnerabilities > Incorrect Authorization {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Incorrect Authorization"}]}

Vulnerabilities > Incorrect Authorization