Vulnerabilities > Authorization Bypass Through User-Controlled Key
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-02-23 | CVE-2022-0731 | Authorization Bypass Through User-Controlled Key vulnerability in Dolibarr Erp/Crm Improper Access Control (IDOR) in GitHub repository dolibarr/dolibarr prior to 16.0. | 6.5 |
2022-02-21 | CVE-2022-0691 | Authorization Bypass Through User-Controlled Key vulnerability in Url-Parse Project Url-Parse Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.9. | 9.8 |
2022-02-20 | CVE-2022-0686 | Authorization Bypass Through User-Controlled Key vulnerability in Url-Parse Project Url-Parse Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.8. | 9.1 |
2022-02-19 | CVE-2022-24979 | Authorization Bypass Through User-Controlled Key vulnerability in Mittwald Varnishcache An issue was discovered in the Varnishcache extension before 2.0.1 for TYPO3. | 5.0 |
2022-02-18 | CVE-2022-25336 | Authorization Bypass Through User-Controlled Key vulnerability in Ibexa EZ Platform Kernel Ibexa DXP ezsystems/ezpublish-kernel 7.5.x before 7.5.26 and 1.3.x before 1.3.12 allows Insecure Direct Object Reference (IDOR) attacks against image files because the image path and filename can be correctly deduced. | 5.3 |
2022-02-17 | CVE-2022-0639 | Authorization Bypass Through User-Controlled Key vulnerability in Url-Parse Project Url-Parse Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.7. | 5.3 |
2022-02-16 | CVE-2022-0613 | Authorization Bypass Through User-Controlled Key vulnerability in multiple products Authorization Bypass Through User-Controlled Key in NPM urijs prior to 1.19.8. | 6.5 |
2022-02-15 | CVE-2021-46249 | Authorization Bypass Through User-Controlled Key vulnerability in Scratchoauth2 Project Scratchoauth2 An authorization bypass exploited by a user-controlled key in SpecificApps REST API in ScratchOAuth2 before commit d856dc704b2504cd3b92cf089fdd366dd40775d6 allows app owners to set flags that indicate whether an app is verified on their own apps. | 4.0 |
2022-02-14 | CVE-2022-0512 | Authorization Bypass Through User-Controlled Key vulnerability in Url-Parse Project Url-Parse Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.6. | 5.3 |
2022-02-09 | CVE-2021-3813 | Authorization Bypass Through User-Controlled Key vulnerability in Chatwoot Improper Privilege Management in GitHub repository chatwoot/chatwoot prior to v2.2. | 6.5 |