Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
authenticate vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2002-0718
Web authoring command in Microsoft Content Management Server (MCMS) 2001 allows malicious users to authenticate and upload executable content, by modifying the upload location, aka "Program Execution via MCMS Authoring Function."
Microsoft Content Management Server 2001
NA
CVE-2006-6858
Miredo 0.9.8 up to and including 1.0.5 does not properly authenticate a Teredo bubble during UDP hole punching with HMAC-MD5-64 hashing, which allows remote malicious users to impersonate an arbitrary Teredo client.
Miredo Miredo 1.0.3
Miredo Miredo
Miredo Miredo 1.0.4
Miredo Miredo 0.9.8
5.3
CVSSv3
CVE-2016-10099
Borg (aka BorgBackup) prior to 1.0.9 has a flaw in the cryptographic protocol used to authenticate the manifest (list of archives), potentially allowing an malicious user to spoof the list of archives.
Borg Project Borg
7.5
CVSSv3
CVE-2017-14026
In Ice Qube Thermal Management Center versions prior to version 4.13, the web application does not properly authenticate users which may allow an malicious user to gain access to sensitive information.
Iceqube Thermal Management Center Firmware
4.4
CVSSv3
CVE-2022-2888
If an attacker comes into the possession of a victim's OctoPrint session cookie through whatever means, the attacker can use this cookie to authenticate as long as the victim's account exists.
Octoprint Octoprint
NA
CVE-2006-4404
The Installer application in Apple Mac OS X 10.4.8 and previous versions, when used by a user with Admin credentials, does not authenticate the user before installing certain software requiring system privileges.
Apple Mac Os X
NA
CVE-2004-2393
Java Secure Socket Extension (JSSE) 1.0.3 up to and including 1.0.3_2 does not properly validate the certificate chain of a client or server, which allows remote malicious users to falsely authenticate peers for SSL/TLS.
Sun Jsse 1.0.3
Sun Jsse 1.0.3 02
Sun Jsse 1.0.3 01
NA
CVE-2002-0570
The encrypted loop device in Linux kernel 2.4.10 and previous versions does not authenticate the entity that is encrypting data, which allows local users to modify encrypted data without knowing the key.
Linux Linux Kernel 2.4.15
Linux Linux Kernel 2.2.10
Linux Linux Kernel 2.4.11
Linux Linux Kernel 2.2.13
Linux Linux Kernel 2.2.0
Linux Linux Kernel 2.2.6
Linux Linux Kernel 2.4.12
Linux Linux Kernel 2.4.13
Linux Linux Kernel 2.2.18
Linux Linux Kernel 2.2.3
Linux Linux Kernel 2.4.17
Linux Linux Kernel 2.2.2
Linux Linux Kernel 2.2.5
Linux Linux Kernel 2.4.7
Linux Linux Kernel 2.2.8
Linux Linux Kernel 2.4.9
Linux Linux Kernel 2.2.7
Linux Linux Kernel 2.2.16
Linux Linux Kernel 2.2.1
Linux Linux Kernel 2.2.12
Linux Linux Kernel 2.4.10
Linux Linux Kernel 2.4.0
7.5
CVSSv3
CVE-2023-26760
Sme.UP ERP TOKYO V6R1M220406 exists to contain an information disclosure vulnerability via the /debug endpoint. This vulnerability allows malicious users to access cleartext credentials needed to authenticate to the AS400 system.
Smeup Erp Tokyo V6r1m220406
NA
CVE-2002-1410
Easy Guestbook CGI programs do not authenticate the administrator, which allows remote malicious users to (1) delete entries via direct access of admin.cgi, or (2) reconfigure Guestbook via direct access of config.cgi.
Easy Scripts Archive Easy Guestbook 1.0
Ben Chivers Ben Chivers Guestbook 1.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »