Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
authenticate vulnerabilities and exploits
(subscribe to this query)
4.6
CVSSv2
CVE-2019-11143
Improper permissions in the software installer for Intel(R) Authenticate prior to 3.8 may allow an authenticated user to potentially enable escalation of privilege via local access.
Intel Authenticate
1 Article
9.3
CVSSv2
CVE-2017-3217
CalAmp LMU 3030 series OBD-II CDMA and GSM devices has an SMS (text message) interface that can be deployed where no password is configured for this interface by the integrator / reseller. This interface must be password protected, otherwise, the attacker only needs to know the p...
Calamp Lmu 3030 Obd-ii Firmware -
Calamp Lmu 3030 Cdma Firmware -
Calamp Lmu 3030 Gsm Firmware -
7.5
CVSSv2
CVE-2007-6759
Dataprobe iBootBar (with 2007-09-20 and possibly later released firmware) allows remote malicious users to bypass authentication, and conduct power-cycle attacks on connected devices, via a DCRABBIT cookie.
Dataprobe Ibootbar Firmware
7.5
CVSSv2
CVE-2007-6760
Dataprobe iBootBar (with 2007-09-20 and possibly later beta firmware) allows remote malicious users to bypass authentication, and conduct power-cycle attacks on connected devices, via a DCCOOKIE cookie.
Dataprobe Ibootbar Firmware
10
CVSSv2
CVE-2016-6567
SHDesigns' Resident Download Manager provides firmware update capabilities for Rabbit 2000/3000 CPU boards, which according to the reporter may be used in some industrial control and embedded applications. The Resident Download Manager does not verify that the firmware is au...
Shdesigns Resident Download Manager -
5
CVSSv2
CVE-2021-41157
FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. By default, SIP requests of the type SUBSCRIBE are not authenticated in the affected versions of ...
Freeswitch Freeswitch
2 Github repositories
7.5
CVSSv2
CVE-2004-0772
Double free vulnerabilities in error handling code in krb524d for MIT Kerberos 5 (krb5) 1.2.8 and previous versions may allow remote malicious users to execute arbitrary code.
Mit Kerberos 5
Openpkg Openpkg 2.0
Openpkg Openpkg 2.1
Debian Debian Linux 3.0
5.1
CVSSv2
CVE-2010-2940
The auth_send function in providers/ldap/ldap_auth.c in System Security Services Daemon (SSSD) 1.3.0, when LDAP authentication and anonymous bind are enabled, allows remote malicious users to bypass the authentication requirements of pam_authenticate via an empty password.
Fedoraproject Sssd 1.3.0
8
CVSSv2
CVE-2016-2354
The Bluetooth functionality in Lemur Vehicle Monitors BlueDriver prior to 2016-04-07 supports unrestricted pairing without a PIN, which allows remote malicious users to send arbitrary CAN commands by leveraging access to a device inside or adjacent to the vehicle, as demonstrated...
Lemurmonitors Bluedriver
7.5
CVSSv2
CVE-2004-0642
Double free vulnerabilities in the error handling code for ASN.1 decoders in the (1) Key Distribution Center (KDC) library and (2) client library for MIT Kerberos 5 (krb5) 1.3.4 and previous versions may allow remote malicious users to execute arbitrary code.
Mit Kerberos 5
Debian Debian Linux 3.0
Redhat Enterprise Linux Desktop 3.0
Redhat Enterprise Linux Workstation 3.0
Redhat Enterprise Linux Server 3.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »