Vulnerabilities > Authorization Bypass Through User-Controlled Key
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-09 | CVE-2021-3813 | Authorization Bypass Through User-Controlled Key vulnerability in Chatwoot Improper Privilege Management in GitHub repository chatwoot/chatwoot prior to v2.2. | 6.5 |
| 2022-02-08 | CVE-2022-21713 | Authorization Bypass Through User-Controlled Key vulnerability in multiple products Grafana is an open-source platform for monitoring and observability. | 4.3 |
| 2022-02-07 | CVE-2021-25096 | Authorization Bypass Through User-Controlled Key vulnerability in Ip2Location Country Blocker The IP2Location Country Blocker WordPress plugin before 2.26.5 bans can be bypassed by using a specific parameter in the URL | 6.5 |
| 2022-02-06 | CVE-2022-22832 | Authorization Bypass Through User-Controlled Key vulnerability in Servisnet Tessa 0.0.2 An issue was discovered in Servisnet Tessa 0.0.2. | 9.8 |
| 2022-01-28 | CVE-2021-41608 | Authorization Bypass Through User-Controlled Key vulnerability in Classapps Selectsurvey.Net A file disclosure vulnerability in the UploadedImageDisplay.aspx endpoint of SelectSurvey.NET before 5.052.000 allows a remote, unauthenticated attacker to retrieve survey user submitted data by modifying the value of the ID parameter in sequential order beginning from 1. | 7.5 |
| 2022-01-27 | CVE-2022-22828 | Authorization Bypass Through User-Controlled Key vulnerability in Synametrics Synaman An insecure direct object reference for the file-download URL in Synametrics SynaMan before 5.0 allows a remote attacker to access unshared files via a modified base64-encoded filename string. | 7.5 |
| 2022-01-24 | CVE-2022-23856 | Authorization Bypass Through User-Controlled Key vulnerability in Saviynt Enterprise Identity Cloud An issue was discovered in Saviynt Enterprise Identity Cloud (EIC) 5.5 SP2.x. | 5.3 |
| 2022-01-18 | CVE-2021-44836 | Authorization Bypass Through User-Controlled Key vulnerability in Deltarm Delta RM 1.2 An issue was discovered in Delta RM 1.2. | 4.3 |
| 2022-01-14 | CVE-2021-3965 | Authorization Bypass Through User-Controlled Key vulnerability in HP products Certain HP DesignJet products may be vulnerable to unauthenticated HTTP requests which allow viewing and downloading of print job previews. | 7.5 |
| 2022-01-03 | CVE-2021-45428 | Authorization Bypass Through User-Controlled Key vulnerability in Telesquare Tlr-2005Ksh Firmware TLR-2005KSH is affected by an incorrect access control vulnerability. | 9.8 |