Vulnerabilities > Authorization Bypass Through User-Controlled Key
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-27 | CVE-2022-22828 | Authorization Bypass Through User-Controlled Key vulnerability in Synametrics Synaman An insecure direct object reference for the file-download URL in Synametrics SynaMan before 5.0 allows a remote attacker to access unshared files via a modified base64-encoded filename string. | 7.5 |
| 2022-01-24 | CVE-2022-23856 | Authorization Bypass Through User-Controlled Key vulnerability in Saviynt Enterprise Identity Cloud An issue was discovered in Saviynt Enterprise Identity Cloud (EIC) 5.5 SP2.x. | 5.3 |
| 2022-01-19 | CVE-2022-0266 | Authorization Bypass Through User-Controlled Key vulnerability in Livehelperchat Live Helper Chat Authorization Bypass Through User-Controlled Key in Packagist remdex/livehelperchat prior to 3.92v. | 6.6 |
| 2022-01-18 | CVE-2021-44836 | Authorization Bypass Through User-Controlled Key vulnerability in Deltarm Delta RM 1.2 An issue was discovered in Delta RM 1.2. | 4.3 |
| 2022-01-14 | CVE-2021-3965 | Authorization Bypass Through User-Controlled Key vulnerability in HP products Certain HP DesignJet products may be vulnerable to unauthenticated HTTP requests which allow viewing and downloading of print job previews. | 7.5 |
| 2022-01-12 | CVE-2021-3852 | Authorization Bypass Through User-Controlled Key vulnerability in Weseek Growi growi is vulnerable to Authorization Bypass Through User-Controlled Key | 7.5 |
| 2022-01-03 | CVE-2021-45428 | Authorization Bypass Through User-Controlled Key vulnerability in Telesquare Tlr-2005Ksh Firmware TLR-2005KSH is affected by an incorrect access control vulnerability. | 9.8 |
| 2021-12-28 | CVE-2021-40579 | Authorization Bypass Through User-Controlled Key vulnerability in Online Enrollment Management System Project Online Enrollment Management System 1.0 https://www.sourcecodester.com/ Online Enrollment Management System in PHP and PayPal Free Source Code 1.0 is affected by: Incorrect Access Control. | 6.5 |
| 2021-12-21 | CVE-2021-24739 | Authorization Bypass Through User-Controlled Key vulnerability in Shapedplugin Logo Carousel The Logo Carousel WordPress plugin before 3.4.2 allows users with a role as low as Contributor to duplicate and view arbitrary private posts made by other users via the Carousel Duplication feature | 8.1 |
| 2021-12-14 | CVE-2021-43828 | Authorization Bypass Through User-Controlled Key vulnerability in Patrowl Patrowlmanager PatrOwl is a free and open-source solution for orchestrating Security Operations. | 7.5 |