Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
anonymous vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv3
CVE-2020-1229
A security feature bypass vulnerability exists in Microsoft Outlook when Office fails to enforce security settings configured on a system, aka 'Microsoft Outlook Security Feature Bypass Vulnerability'.
Microsoft 365 Apps -
Microsoft Office 2010
Microsoft Office 2013
Microsoft Office 2016
Microsoft Office 2019
Microsoft Word 2010
Microsoft Word 2013
Microsoft Word 2016
2 Articles
7.5
CVSSv3
CVE-2021-22146
All versions of Elastic Cloud Enterprise has the Elasticsearch “anonymous” user enabled by default in deployed clusters. While in the default setting the anonymous user has no permissions and is unable to successfully query any Elasticsearch APIs, an attacker could le...
Elastic Elasticsearch 7.13.3
1 Github repository
NA
CVE-2013-4594
The Payment for Webform module 7.x-1.x prior to 7.x-1.5 for Drupal does not restrict access by anonymous users, which allows remote anonymous users to use the payment of other anonymous users when submitting a form that requires payment.
Payment For Webform Project Payment For Webform 7.x-1.5
Payment For Webform Project Payment For Webform 7.x-1.2
Payment For Webform Project Payment For Webform 7.x-1.4
Payment For Webform Project Payment For Webform 7.x-1.0
Payment For Webform Project Payment For Webform 7.x-1.1
Payment For Webform Project Payment For Webform 7.x-1.3
NA
CVE-2004-1891
The ftp_syslog function in ftpd in SGI IRIX 6.5.20 "doesn't work with anonymous FTP," which has an unknown impact, possibly preventing the actions of anonymous users from being logged.
Sgi Irix 6.5.20
NA
CVE-2024-0563
Denial of service condition in M-Files Server in versions prior to 24.2 (excluding 23.2 SR7 and 23.8 SR5) allows anonymous user to cause denial of service against other anonymous users.
6.5
CVSSv3
CVE-2022-42446
Starting with Sametime 12, anonymous users are enabled by default. After logging in as an anonymous user, one has the ability to browse the User Directory and potentially create chats with internal users.
Hcltech Sametime 12.0
NA
CVE-1999-1411
The installation of the fsp package 2.71-10 in Debian GNU/Linux 2.0 adds the anonymous FTP user without notifying the administrator, which could automatically enable anonymous FTP on some servers such as wu-ftp.
Debian Debian Linux 2.0
7.5
CVSSv3
CVE-2017-5635
In Apache NiFi prior to 0.7.2 and 1.x prior to 1.1.2 in a cluster environment, if an anonymous user request is replicated to another node, the originating node identity is used rather than the "anonymous" user.
Apache Nifi 0.7.1
Apache Nifi 0.7.0
Apache Nifi 1.1.1
Apache Nifi 1.1.0
4.9
CVSSv3
CVE-2017-1000145
Mahara 1.9 prior to 1.9.7 and 1.10 prior to 1.10.5 and 15.04 prior to 15.04.2 are vulnerable to anonymous comments being able to be placed on artefact detail pages even when the site administrator had disallowed anonymous comments.
Mahara Mahara 1.9.0
Mahara Mahara 1.9
Mahara Mahara 1.9.6
Mahara Mahara 1.9.2
Mahara Mahara 1.9.4
Mahara Mahara 1.9.5
Mahara Mahara 1.9.1
Mahara Mahara 1.9.3
Mahara Mahara 1.10.1
Mahara Mahara 1.10.3
Mahara Mahara 1.10
Mahara Mahara 1.10.0
Mahara Mahara 1.10.2
Mahara Mahara 1.10.4
Mahara Mahara 15.04
Mahara Mahara 15.04.0
Mahara Mahara 15.04.1
NA
CVE-2014-2983
Drupal 6.x prior to 6.31 and 7.x prior to 7.27 does not properly isolate the cached data of different anonymous users, which allows remote anonymous users to obtain sensitive interim form input information in opportunistic situations via unspecified vectors.
Drupal Drupal
Debian Debian Linux 6.0
Debian Debian Linux 7.0
Debian Debian Linux 8.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »