Vulnerabilities > Authorization Bypass Through User-Controlled Key
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-10-09 | CVE-2023-42455 | Authorization Bypass Through User-Controlled Key vulnerability in Wazuh Wazuh-Dashboard and Wazuh-Kibana-App Wazuh is a security detection, visibility, and compliance open source project. | 8.8 |
2023-10-05 | CVE-2023-26237 | Authorization Bypass Through User-Controlled Key vulnerability in Watchguard products An issue was discovered in WatchGuard EPDR 8.0.21.0002. | 6.7 |
2023-10-03 | CVE-2023-2544 | Authorization Bypass Through User-Controlled Key vulnerability in UPV Peix Authorization bypass vulnerability in UPV PEIX, affecting the component "pdf_curri_new.php". | 6.5 |
2023-10-03 | CVE-2023-32669 | Authorization Bypass Through User-Controlled Key vulnerability in Buddyboss 2.2.9 Authorization bypass vulnerability in BuddyBoss 2.2.9 version, the exploitation of which could allow an authenticated user to access and rename other users' albums. | 5.4 |
2023-10-03 | CVE-2023-4099 | Authorization Bypass Through User-Controlled Key vulnerability in Qsige 3.0.0.0 The QSige Monitor application does not have an access control mechanism to verify whether the user requesting a resource has sufficient permissions to do so. | 6.5 |
2023-10-03 | CVE-2023-4101 | Authorization Bypass Through User-Controlled Key vulnerability in Qsige 3.0.0.0 The QSige login SSO does not have an access control mechanism to verify whether the user requesting a resource has sufficient permissions to do so. | 6.5 |
2023-09-28 | CVE-2023-38872 | Authorization Bypass Through User-Controlled Key vulnerability in Economizzer 0.9/April2023 An Insecure Direct Object Reference (IDOR) vulnerability in gugoan Economizzer commit 3730880 (April 2023) and v.0.9-beta1 allows any unauthenticated attacker to access cash book entry attachments of any other user, if they know the Id of the attachment. | 3.7 |
2023-09-27 | CVE-2023-44154 | Authorization Bypass Through User-Controlled Key vulnerability in Acronis Cyber Protect 15 Sensitive information disclosure and manipulation due to improper authorization. | 8.1 |
2023-09-27 | CVE-2023-44205 | Authorization Bypass Through User-Controlled Key vulnerability in Acronis Cyber Protect 15 Sensitive information disclosure due to improper authorization. | 5.3 |
2023-09-27 | CVE-2023-44206 | Authorization Bypass Through User-Controlled Key vulnerability in Acronis Cyber Protect 15 Sensitive information disclosure and manipulation due to improper authorization. | 9.1 |