CWE:
 

Tytuł
Data
Autor
Med.
Ember Enterprises E2in Improper Authentication
13.12.2020
KingSkrupellos
Med.
Sanishsoft Authentication Bypass
13.12.2020
KingSkrupellos
Med.
Sharptech Digital Marketing Agency Authentication Bypass
13.12.2020
KingSkrupellos
High
WebDehasi Hosting File Insert Authentication Bypass
09.11.2020
KingSkrupellos
Med.
HindSoft Technology Pvt Ltd India Insert File Authentication Bypass
08.11.2020
KingSkrupellos
Med.
HigsonMedia Improper Authentication
29.05.2020
KingSkrupellos
Med.
UinfoTechnology Pvt Ltd Gentelella Alela Colorlib Improper Authentication
29.05.2020
KingSkrupellos
Med.
Mildtrix Business Solutions Pvt Ltd 2.3.12 Improper Authentication
29.05.2020
KingSkrupellos
Med.
Solidale InfoTech Authentication Bypass
28.05.2020
KingSkrupellos
Med.
Bagwar Softwares Pvt Ltd Authentication Bypass
28.05.2020
KingSkrupellos
Med.
Saloni Info Tech Accocca Constructions Pvt Ltd Authentication Bypass
28.05.2020
KingSkrupellos
Med.
Ayan Advisory Private Limited Authentication Bypass
28.05.2020
KingSkrupellos
Med.
Teak Squash Design and Solutions Authentication Bypass
28.05.2020
KingSkrupellos
Med.
Gharuda Infotech Pvt Ltd Authentication Bypass
28.05.2020
KingSkrupellos
Med.
NextgenUSCorp Authentication Bypass
27.05.2020
KingSkrupellos
Med.
Upturn Smart Online Exam System Mayuri Authentication Bypass
27.05.2020
KingSkrupellos
High
WebIndiaServices Team Authentication Bypass
27.05.2020
KingSkrupellos
Med.
School Sports Promotion Foundation Sspf India Authentication Bypass
27.05.2020
KingSkrupellos
Med.
Gangotri Group Shubham Srivastava Authentication Bypass
27.05.2020
KingSkrupellos
Med.
3NetWorks Authentication Bypass
27.05.2020
KingSkrupellos
Med.
Chamilo © 2020 Campus v1 ElFinder Backdoor Access Shell Upload Vulnerability
27.05.2020
KingSkrupellos
Med.
ABCMedya Bilişim Software 2.0 Authentication Bypass
20.05.2020
KingSkrupellos
Med.
Sync Bilişim Software Arbitrary File Upload Authentication Bypass
20.05.2020
KingSkrupellos
Med.
Ja IT Solution JaisBD Bangladesh Software Authentication Bypass
18.05.2020
KingSkrupellos
Med.
Saudi Indian Football Forum Siffjeddah Authentication Bypass Shell Upload
11.05.2020
KingSkrupellos
Med.
Great Web Solutions Pvt Ltd Improper Authentication
09.05.2020
KingSkrupellos
Med.
LBMInfoTech Improper Authentication
09.05.2020
KingSkrupellos
Med.
Tiol Group WebSites Taxindiainternational Pvt Ltd Improper Authentication
09.05.2020
KingSkrupellos
Med.
Great Web Solutions Pvt Ltd Improper Authentication
09.05.2020
KingSkrupellos
Med.
Tiol Group WebSites Taxindiainternational Pvt Ltd Improper Authentication
09.05.2020
KingSkrupellos
Med.
LBMInfoTech Improper Authentication
09.05.2020
KingSkrupellos
High
ThietkeWebX Quatangtraitim VietNext Unauthorized File Upload Improper Authentication
06.05.2020
KingSkrupellos
Med.
Suvega Digital Media Pvt Ltd Improper Authentication
06.05.2020
KingSkrupellos
Med.
Du Hoc Ioc Vietnamese System Improper Authentication
06.05.2020
KingSkrupellos
Med.
Niladri Marketing Pvt. Ltd. Triimax_Ind Siimax Infotimes Improper Authentication
04.05.2020
KingSkrupellos
Med.
WebTechnologic SQL Injection Improper Authentication
04.05.2020
KingSkrupellos
Med.
ComangSoft Improper Authentication
03.05.2020
KingSkrupellos
Med.
Skynyx Technologies Private Limited Improper Authentication
03.05.2020
KingSkrupellos
Med.
GloriousWebTech Improper Authentication
03.05.2020
KingSkrupellos
Med.
Mystic Media Webinitiate Improper Authentication Backdoor Access
03.05.2020
KingSkrupellos
Med.
SkyWayInfoMedia Improper Authentication
03.05.2020
KingSkrupellos
Med.
TechDomain BD Improper Authentication
03.05.2020
KingSkrupellos
Med.
Pinnacle India Solution Admin Authentication Bypass
15.04.2020
KingSkrupellos
Med.
SSInfoTech Rohini WebDesign Company Authentication Bypass
18.09.2019
KingSkrupellos
Med.
Cisco UCS / IMC Supervisor Authentication Bypass / Command Injection
29.08.2019
Pedro Ribeiro
Med.
RecargatonerAntequera Improper Authentication Vulnerability
20.08.2019
KingSkrupellos
Med.
Sistema Mobiliario en Movimiento ComponentsMx Authentication Bypass Insert File Vulnerability
19.08.2019
KingSkrupellos
Med.
Sistema Suanca Industrias Authentication Bypass Insert File Vulnerability
19.08.2019
KingSkrupellos
Med.
Sistema CodiFarma San Jose de los Cedros Authentication Bypass Insert File Vulnerability
19.08.2019
KingSkrupellos
Med.
Bgrecuperacion Chihuahua Authentication Bypass Insert File Vulnerability
19.08.2019
KingSkrupellos
Med.
UfaCup88 Authentication Bypass Insert File Vulnerability
19.08.2019
KingSkrupellos
Med.
Keros ClaudioGarau Improper Authentication Insert File Vulnerability
19.08.2019
KingSkrupellos
Med.
AlemReklam Ajans Improper Authentication File Upload Vulnerability
17.08.2019
KingSkrupellos
Med.
Sistema Vitapromin Nuticion Inteligente Improper Authentication File Upload Vulnerability
11.08.2019
KingSkrupellos
Med.
Powered By Vlaevski Site Administration 1.0 Improper Authentication File Upload Vulnerability
11.08.2019
KingSkrupellos
Med.
Ellucian Banner Web Tailor / Banner Enterprise Identity Services Improper Authentication
14.05.2019
Joshua Mulliken
Med.
Desenvolvido por Agencia CDG Design Brasil Improper Authentication
09.04.2019
KingSkrupellos
Med.
Webmaster Atom Computer Software Counselling Improper Access Control Vulnerability
16.10.2018
KingSkrupellos
Low
WordPress Developed by Netsoft Limited Software Development Bangladesh Improper Authentication Vulnerability
05.09.2018
KingSkrupellos
Med.
Designed & Developed by Sacit.Lk SriLanka Improper Authentication Vulnerability
05.07.2018
KingSkrupellos
Med.
Powered by Yii Framework RBAC Manager for Yii 2 Improper Authentication Vulnerability
01.07.2018
KingSkrupellos
Med.
JanTek JTC-200 RS232-NET Connector CSRF / Missing Authentication
01.11.2017
Karn Ganeshen
Med.
Samsung Smart TV Wi-Fi Direction Improper Authentication
27.04.2017
Neseso Research Team
Med.
Aruba Networks AOS 6.3.1.19 Improper Authentication
08.11.2016
Klaus Tichman
High
DOKEOS ce30 Authentication Bypass
19.02.2016
High-Tech Bridge Secur...
Low
Pentaho 5.2.x BA Suite / PDI Information Disclosure
20.09.2015
Gregory DRAPERI
High
SAP HANA IU5 SDK Authentication Bypass
30.07.2014
Onapsis
High
Dahua DVR Authentication Bypass
19.07.2014
Zhejiang
High
ASUS RT Router Anonymous FTP Access
14.02.2014
Kyle Lovett
High
Router D-Link DIR-100 Multiple Vulnerabilities
04.02.2014
Felix Richter
High
Nisuta NS-WIR150NE, NS-WIR300N Authentication Bypass
11.01.2014
ampliasecurity
Med.
Burden 1.8 Privilege Escalation
09.01.2014
High-Tech Bridge Secur...
High
Vivotek IP Cameras RTSP Authentication Bypass
06.11.2013
CORE
High
Radio Thermostat Of America Inc Lack Of Authentication
02.08.2013
Daniel Crowley
High
D-Link IP Cameras Injection & Bypass
30.04.2013
CORE
Med.
Cisco Firewall Services Module Software Multiple Vulnerabilities
10.04.2013
Cisco
Med.
EMC Smarts Network Configuration Manager Improper Authentication Vulnerability
27.03.2013
EMC
Med.
Backupbuddy 2.2.4 Sensitive Data Exposure
25.03.2013
robarmstrong.te71
High
PBBoard 2.1.4 SQL Injection and Improper Authentication
09.08.2012
High-Tech Bridge Secur...
Med.
LifeSize Room Vulnerabilities
05.09.2011
securestate net
High
RealVNC Authentication Bypass
31.08.2011
Juha-Matti
High
RSA Adaptive Authentication (On-Premise) Security Issue
24.08.2011
EMC
Med.
FreeRADIUS 2.1.11 Multiple Vulns
06.08.2011
DCERT
High
IBM Lotus Domino Server Controller Authentication Bypass Remote Code Execution Vulnerability
30.03.2011
ZDI
Med.
Arthur de Jong \'nss-pam-ldapd\' Authentication Bypass Vulnerability
17.03.2011
Russell Sim
High
Pointter PHP Content Management System 1.0 Privilege Escalation
16.12.2010
Mark Stanislav
High
Pointter PHP Micro-Blogging Social Network 1.0 Privilege Escalation
16.12.2010
Mark Stanislav
High
OpenSSL J-PAKE Validation Error Lets Remote Users Validate Without Shared Secret Key
08.12.2010
Sebastian Martini
High
Pandora FMS <= 3.1 Authentication Bypass
05.12.2010
Juan Galiana Lara
High
Cisco Unified Videoconferencing multiple vulnerabilities
24.11.2010
Florent Daigniere
High
Camtron CMNC-200 IP Camera Authentication Bypass
18.11.2010
Trustwave's SpiderLabs
High
IBM OmniFind - several vulnerabilities
15.11.2010
Fatih Kilic
High
Likewise Open 5.4 & 6.0 Multiple Vulns
29.07.2010
Gerald Carter
Low
dootzky oblog Persistant XSS, CSRF, Admin Bruteforce
29.06.2010
null
Med.
SpringSource tc Server unauthenticated remote access to JMX interface
25.05.2010
s2-security
High
ToutVirtual VirtualIQ Multiple Vulnerabilities
21.05.2010
Claudio Criscione
High
CA XOsoft Multiple Vulns.
10.04.2010
Andrea Micalizzi aka r...
High
Varnish reverse proxy 2.0.6 Medium security hole
07.04.2010
Tim Brown
Med.
Sahana 0.6.2.2 authentication bypass
19.03.2010
nill
High
HP openview Performance Insight 5.4 Remote Execution of ArbitraryCommands
15.03.2010
HP


Common Weakness Enumeration (CWE)

CVE
Szczegóły
Opis
2021-09-21
Waiting for details
CVE-2021-31917

Updating...
 

 
A flaw was found in Red Hat DataGrid 8.x (8.0.0, 8.0.1, 8.1.0 and 8.1.1) and Infinispan (10.0.0 through 12.0.0). An attacker could bypass authentication on all REST endpoints when DIGEST is used as the authentication method. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

 
2021-09-17
Waiting for details
CVE-2021-38412

Updating...
 

 
Properly formatted POST requests to multiple resources on the HTTP and HTTPS web servers of the Digi PortServer TS 16 Rack device do not require authentication or authentication tokens. This vulnerability could allow an attacker to enable the SNMP service and manipulate the community strings to achieve further control in.

 
2021-09-15
Waiting for details
CVE-2021-39215

Updating...
 

 
Jitsi Meet is an open source video conferencing application. In versions prior to 2.0.5963, a Prosody module allows the use of symmetrical algorithms to validate JSON web tokens. This means that tokens generated by arbitrary sources can be used to gain authorization to protected rooms. This issue is fixed in Jitsi Meet 2.0.5963. There are no known workarounds aside from updating.

 
2021-09-10
Medium
CVE-2021-37414

Vendor: Zohocorp
Software: Manageengine...
 

 
Zoho ManageEngine DesktopCentral version 10.1.2119.7 and prior allows anyone to get a valid user's APIKEY without authentication.

 
2021-09-09
Low
CVE-2021-34786

Vendor: Cisco
Software: Broadworks c...
 

 
Multiple vulnerabilities in Cisco BroadWorks CommPilot Application Software could allow an authenticated, remote attacker to delete arbitrary user accounts or gain elevated privileges on an affected system.

 
Medium
CVE-2021-34785

Vendor: Cisco
Software: Broadworks c...
 

 
Multiple vulnerabilities in Cisco BroadWorks CommPilot Application Software could allow an authenticated, remote attacker to delete arbitrary user accounts or gain elevated privileges on an affected system.

 
2021-09-08
Medium
CVE-2020-11301

Updating...
 

 
Improper authentication of un-encrypted plaintext Wi-Fi frames in an encrypted network can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

 
High
CVE-2020-11264

Updating...
 

 
Improper authentication of Non-EAPOL/WAPI plaintext frames during four-way handshake can lead to arbitrary network packet injection in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

 
Low
CVE-2021-30702

Vendor: Apple
Software: Mac os x
 

 
A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave. A person with physical access to a Mac may be able to bypass Login Window.

 
Low
CVE-2021-30668

Vendor: Apple
Software: Macos
 

 
This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.4. A person with physical access to a Mac may be able to bypass Login Window during a software update.

 

 


Copyright 2021, cxsecurity.com

 

Back to Top