Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
authenticator vulnerabilities and exploits
(subscribe to this query)
1.9
CVSSv2
CVE-2012-6140
pam_google_authenticator.c in the PAM module in Google Authenticator prior to 1.0 requires user-readable permissions for the secret file, which allows local users to bypass intended access restrictions and discover a shared secret via standard filesystem operations, a different v...
Google Authenticator 0.87
Google Authenticator 0.86
Google Authenticator
NA
CVE-2022-3994
The Authenticator WordPress plugin prior to 1.3.1 does not prevent subscribers from updating a site's feed access token, which may deny other users access to the functionality in certain configurations.
Authenticator Project Authenticator
NA
CVE-2013-10013
A vulnerability was found in Bricco Authenticator Plugin. It has been declared as critical. This vulnerability affects the function authenticate/compare of the file src/java/talentum/escenic/plugins/authenticator/authenticators/DBAuthenticator.java. The manipulation leads to sql ...
Authenticator Plugin Project Authenticator Plugin
NA
CVE-2022-35290
Under certain conditions SAP Authenticator for Android allows an malicious user to access information which would otherwise be restricted.
Sap Authenticator
NA
CVE-2024-21390
Microsoft Authenticator Elevation of Privilege Vulnerability
Microsoft Authenticator
1 Article
5.8
CVSSv2
CVE-2022-0229
The miniOrange's Google Authenticator WordPress plugin prior to 5.5 does not have proper authorisation and CSRF checks when handling the reconfigureMethod, and does not validate the parameters passed to it properly. As a result, unauthenticated users could delete arbitrary o...
Miniorange Google Authenticator
NA
CVE-2023-27895
SAP Authenticator for Android - version 1.3.0, allows the screen to be captured, if an authorized attacker installs a malicious app on the mobile device. The attacker could extract the currently views of the OTP and the secret OTP alphanumeric token during the token setup. On suc...
Sap Authenticator 1.3.0
NA
CVE-2022-4943
The miniOrange's Google Authenticator plugin for WordPress is vulnerable to authorization bypass due to a missing capability check when changing plugin settings in versions up to, and including, 5.6.5. This makes it possible for unauthenticated malicious users to change the ...
Miniorange Google Authenticator
4.3
CVSSv2
CVE-2022-0875
The Google Authenticator WordPress plugin prior to 1.0.5 does not have CSRF check when saving its settings, and does not sanitise as well as escape them, allowing malicious users to make a logged in admin change them and perform Cross-Site Scripting attacks
Miniorange Google Authenticator
NA
CVE-2022-44589
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in miniOrange miniOrange's Google Authenticator – WordPress Two Factor Authentication – 2FA , Two Factor, OTP SMS and Email | Passwordless login.This issue affects miniOrange's Google A...
Miniorange Google Authenticator
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »