Vulnerabilities > Authorization Bypass Through User-Controlled Key
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-21 | CVE-2023-1462 | Authorization Bypass Through User-Controlled Key vulnerability in Vadi Digikent Authorization Bypass Through User-Controlled Key vulnerability in Vadi Corporate Information Systems DigiKent allows Authentication Bypass, Authentication Abuse. This issue affects DigiKent: before 23.03.20. | 8.8 |
| 2023-03-17 | CVE-2023-1463 | Authorization Bypass Through User-Controlled Key vulnerability in Teampass Authorization Bypass Through User-Controlled Key in GitHub repository nilsteampassnet/teampass prior to 3.0.0.23. | 5.4 |
| 2023-03-16 | CVE-2023-28109 | Authorization Bypass Through User-Controlled Key vulnerability in Play-With-Docker Play With Docker 0.0.1/0.0.2 Play With Docker is a browser-based Docker playground. | 6.5 |
| 2023-03-06 | CVE-2021-36400 | Authorization Bypass Through User-Controlled Key vulnerability in Moodle In Moodle, insufficient capability checks made it possible to remove other users' calendar URL subscriptions. | 5.3 |
| 2023-03-03 | CVE-2023-25403 | Authorization Bypass Through User-Controlled Key vulnerability in Yf-Exam Project Yf-Exam 1.8.0 CleverStupidDog yf-exam v 1.8.0 is vulnerable to Authentication Bypass. | 7.5 |
| 2023-02-17 | CVE-2023-0882 | Authorization Bypass Through User-Controlled Key vulnerability in Krontech Single Connect 2.16 Improper Input Validation, Authorization Bypass Through User-Controlled Key vulnerability in Kron Tech Single Connect on Windows allows Privilege Abuse. This issue affects Single Connect: 2.16. | 8.8 |
| 2023-02-13 | CVE-2023-25160 | Authorization Bypass Through User-Controlled Key vulnerability in Nextcloud Mail Nextcloud Mail is an email app for the Nextcloud home server platform. | 5.3 |
| 2023-02-03 | CVE-2022-34138 | Authorization Bypass Through User-Controlled Key vulnerability in Biltema Baby Camera Firmware and IP Camera Firmware Insecure direct object references (IDOR) in the web server of Biltema IP and Baby Camera Software v124 allows attackers to access sensitive information. | 7.5 |
| 2023-01-26 | CVE-2021-36539 | Authorization Bypass Through User-Controlled Key vulnerability in Instructure Canvas Learning Management Service 20200729 Instructure Canvas LMS didn't properly deny access to locked/unpublished files when the unprivileged user access the DocViewer based file preview URL (canvadoc_session_url). | 6.5 |
| 2023-01-18 | CVE-2022-45927 | Authorization Bypass Through User-Controlled Key vulnerability in Opentext Extended ECM An issue was discovered in OpenText Content Suite Platform 22.1 (16.2.19.1803). | 8.8 |