Vulnerabilities > Authorization Bypass Through User-Controlled Key
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-18 | CVE-2024-43322 | Authorization Bypass Through User-Controlled Key vulnerability in Zephyr-One Zephyr Project Manager Authorization Bypass Through User-Controlled Key vulnerability in Dylan James Zephyr Project Manager.This issue affects Zephyr Project Manager: from n/a through 3.3.100. | 9.8 |
| 2024-08-16 | CVE-2024-42463 | Authorization Bypass Through User-Controlled Key vulnerability in Upkeeper Manager Authorization Bypass Through User-Controlled Key vulnerability in upKeeper Solutions product upKeeper Manager allows Utilizing REST's Trust in the System Resource to Obtain Sensitive Data.This issue affects upKeeper Manager: through 5.1.9. | 6.5 |
| 2024-08-16 | CVE-2024-42464 | Authorization Bypass Through User-Controlled Key vulnerability in Upkeeper Manager Authorization Bypass Through User-Controlled Key vulnerability in upKeeper Solutions product upKeeper Manager allows Utilizing REST's Trust in the System Resource to Obtain Sensitive Data.This issue affects upKeeper Manager: through 5.1.9. | 6.5 |
| 2024-08-15 | CVE-2024-6534 | Authorization Bypass Through User-Controlled Key vulnerability in Monospace Directus 10.13.0 Directus v10.13.0 allows an authenticated external attacker to modify presets created by the same user to assign them to another user. | 4.3 |
| 2024-08-12 | CVE-2024-7658 | Authorization Bypass Through User-Controlled Key vulnerability in Projectsend A vulnerability, which was classified as problematic, has been found in projectsend up to r1605. | 5.3 |
| 2024-08-08 | CVE-2024-3035 | Authorization Bypass Through User-Controlled Key vulnerability in Gitlab A permission check vulnerability in GitLab CE/EE affecting all versions starting from 8.12 prior to 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2 allowed for LFS tokens to read and write to the user owned repositories. | 8.1 |
| 2024-08-06 | CVE-2024-6357 | Authorization Bypass Through User-Controlled Key vulnerability in Opentext Arcsight Intelligence Insecure Direct Object Reference vulnerability identified in OpenText ArcSight Intelligence. | 8.8 |
| 2024-08-03 | CVE-2024-7438 | Authorization Bypass Through User-Controlled Key vulnerability in Simplemachines Simple Machines Forum 2.1.4 A vulnerability has been found in SimpleMachines SMF 2.1.4 and classified as problematic. | 4.3 |
| 2024-08-03 | CVE-2024-7437 | Authorization Bypass Through User-Controlled Key vulnerability in Simplemachines Simple Machines Forum 2.1.4 A vulnerability, which was classified as critical, was found in SimpleMachines SMF 2.1.4. | 4.3 |
| 2024-07-19 | CVE-2024-5977 | Authorization Bypass Through User-Controlled Key vulnerability in Givewp The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.13.0 via the 'handleRequest' function due to missing validation on a user controlled key. | 5.4 |