Vulnerabilities > Incorrect Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-09 | CVE-2024-8601 | Incorrect Authorization vulnerability in Techexcel Back Office Software This vulnerability exists in TechExcel Back Office Software versions prior to 1.0.0 due to improper access controls on certain API endpoints. | 6.5 |
| 2024-09-04 | CVE-2024-34642 | Incorrect Authorization vulnerability in Samsung Android 12.0/13.0/14.0 Improper authorization in One UI Home prior to SMR Sep-2024 Release 1 allows physical attackers to temporarily access sensitive information. | 4.6 |
| 2024-09-04 | CVE-2024-34650 | Incorrect Authorization vulnerability in Samsung Android 14.0 Incorrect authorization in CocktailbarService prior to SMR Sep-2024 Release 1 allows local attackers to access privileged APIs related to Edge panel. | 3.3 |
| 2024-09-04 | CVE-2024-34651 | Incorrect Authorization vulnerability in Samsung Android 12.0/13.0/14.0 Improper authorization in My Files prior to SMR Sep-2024 Release 1 allows local attackers to access restricted data in My Files. | 5.5 |
| 2024-09-04 | CVE-2024-34652 | Incorrect Authorization vulnerability in Samsung Android 12.0/13.0/14.0 Incorrect authorization in kperfmon prior to SMR Sep-2024 Release 1 allows local attackers to access information related to performance including app usage. | 3.3 |
| 2024-09-03 | CVE-2024-45588 | Incorrect Authorization vulnerability in Symphonyfintech XTS Mobile Trader and XTS web Trader This vulnerability exists in Symphony XTS Web Trading platform version 2.0.0.1_P160 due to improper access controls on APIs in the Preference module of the application. | 8.1 |
| 2024-09-01 | CVE-2024-45509 | Incorrect Authorization vulnerability in Misp In MISP through 2.4.196, app/Controller/BookmarksController.php does not properly restrict access to bookmarks data in the case where the user is not an org admin. | 6.5 |
| 2024-08-30 | CVE-2024-38868 | Incorrect Authorization vulnerability in Zohocorp Manageengine Endpoint Central Zohocorp ManageEngine Endpoint Central affected by Incorrect authorization vulnerability while isolating the devices.This issue affects Endpoint Central: before 11.3.2406.08 and before 11.3.2400.15 | 8.3 |
| 2024-08-29 | CVE-2024-41964 | Incorrect Authorization vulnerability in Getkirby Kirby Kirby is a CMS targeting designers and editors. | 8.1 |
| 2024-08-29 | CVE-2024-43954 | Incorrect Authorization vulnerability in Themeum Droip Incorrect Authorization vulnerability in Themeum Droip allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Droip: from n/a through 1.1.1. | 6.3 |