Vulnerabilities > Incorrect Authorization
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-08-07 | CVE-2024-7266 | Incorrect Authorization vulnerability in Nask EZD RP: Incorrect User Management vulnerability in Naukowa i Akademicka Siec Komputerowa - Panstwowy Instytut Badawczy EZD RP allows a logged-in user to list all users in the system, including those from other organizations. This issue affects EZD RP: from 15 before 15.84, from 16 before 16.15, from 17 before 17.2. | 4.3 |
2024-08-07 | CVE-2024-42062 | Incorrect Authorization vulnerability in Apache Cloudstack: CloudStack account-users by default use username and password based authentication for API and UI access. | 7.2 |
2024-08-06 | CVE-2024-6358 | Incorrect Authorization vulnerability in Opentext Arcsight Intelligence: Incorrect Authorization vulnerability identified in OpenText ArcSight Intelligence. | 8.8 |
2024-08-06 | CVE-2024-6202 | Incorrect Authorization vulnerability in Haloservicesolutions Haloitsm: HaloITSM versions up to 2.146.1 are affected by a SAML XML Signature Wrapping (XSW) vulnerability. | 9.8 |
2024-07-26 | CVE-2024-7062 | Incorrect Authorization vulnerability in Mikekazakov Nimble Commander: Nimble Commander suffers from a privilege escalation vulnerability due to the server (info.filesmanager.Files.PrivilegedIOHelperV2) performing improper/insufficient validation of a client’s authorization before executing an operation. | 7.8 |
2024-07-16 | CVE-2024-5816 | Incorrect Authorization vulnerability in Github Enterprise Server: An Incorrect Authorization vulnerability was identified in GitHub Enterprise Server that allowed a suspended GitHub App to retain access to the repository via a scoped user access token. | 5.3 |
2024-07-16 | CVE-2024-5817 | Incorrect Authorization vulnerability in Github Enterprise Server: An Incorrect Authorization vulnerability was identified in GitHub Enterprise Server that allowed read access to issue content via GitHub Projects. | 6.5 |
2024-07-02 | CVE-2024-39324 | Incorrect Authorization vulnerability in Aimeos Ai-Admin-Graphql: aimeos/ai-admin-graphql is the Aimeos GraphQL API admin interface. | 3.8 |
2024-06-27 | CVE-2024-4011 | Incorrect Authorization vulnerability in Gitlab: An issue was discovered in GitLab CE/EE affecting all versions starting from 16.1 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows a non-project member to promote key results to objectives. | 4.3 |
2024-06-27 | CVE-2024-6323 | Incorrect Authorization vulnerability in Gitlab: Improper authorization in global search in GitLab EE affecting all versions from 16.11 prior to 16.11.5 and 17.0 prior to 17.0.3 and 17.1 prior to 17.1.1 allows an attacker to leak content of a private repository in a public project. | 7.5 |