Vulnerabilities > Authorization Bypass Through User-Controlled Key
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-03 | CVE-2019-12866 | Authorization Bypass Through User-Controlled Key vulnerability in Jetbrains Youtrack An Insecure Direct Object Reference, with Authorization Bypass through a User-Controlled Key, was possible in JetBrains YouTrack. | 9.8 |
| 2019-06-05 | CVE-2019-12742 | Authorization Bypass Through User-Controlled Key vulnerability in Bludit Bludit prior to 3.9.1 allows a non-privileged user to change the password of any account, including admin. | 8.8 |
| 2019-05-21 | CVE-2019-12252 | Authorization Bypass Through User-Controlled Key vulnerability in Zohocorp Manageengine Servicedesk Plus In Zoho ManageEngine ServiceDesk Plus through 10.5, users with the lowest privileges (guest) can view an arbitrary post by appending its number to the SDNotify.do?notifyModule=Solution&mode=E-Mail¬ifyTo=SOLFORWARD&id= substring. | 6.5 |
| 2019-05-15 | CVE-2019-10108 | Authorization Bypass Through User-Controlled Key vulnerability in Gitlab An Incorrect Access Control (issue 1 of 2) was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. | 5.4 |
| 2019-05-06 | CVE-2018-18976 | Authorization Bypass Through User-Controlled Key vulnerability in Ascensia Contour Diabetes An issue was discovered in the Ascensia Contour NEXT ONE application for iOS and Android before 2019-01-15. | 5.3 |
| 2019-04-17 | CVE-2019-9756 | Authorization Bypass Through User-Controlled Key vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition 10.x (starting from 10.8) and 11.x before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. | 9.8 |
| 2019-04-17 | CVE-2019-9219 | Authorization Bypass Through User-Controlled Key vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. | 3.7 |
| 2019-04-17 | CVE-2019-9170 | Authorization Bypass Through User-Controlled Key vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. | 5.3 |
| 2019-03-29 | CVE-2019-9921 | Authorization Bypass Through User-Controlled Key vulnerability in Harmistechnology JE Messenger 1.2.2 An issue was discovered in the Harmis JE Messenger component 1.2.2 for Joomla!. | 6.5 |
| 2019-03-22 | CVE-2019-9938 | Authorization Bypass Through User-Controlled Key vulnerability in Ushareit Shareit 4.0.34/4.0.38 The SHAREit application before 4.0.42 for Android allows a remote attacker (on the same network or joining public "open" Wi-Fi hotspots created by the application when file transfer is initiated) to download arbitrary files from the device including contacts, photos, videos, sound clips, etc. | 5.3 |