Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
authenticate vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2020-15835
An issue exists on Mofi Network MOFI4500-4GXeLTE 4.1.5-std devices. The authentication function contains undocumented code that provides the ability to authenticate as root without knowing the actual root password. An adversary with the private key can remotely authenticate to th...
Mofinetwork Mofi4500-4gxelte Firmware 4.1.5-std
NA
CVE-1999-0005
Arbitrary command execution via IMAP buffer overflow in authenticate command.
University Of Washington Imap 10.234
Netscape Messaging Server 3.55
1 EDB exploit
NA
CVE-2011-4966
modules/rlm_unix/rlm_unix.c in FreeRADIUS prior to 2.2.0, when unix mode is enabled for user authentication, does not properly check the password expiration in /etc/shadow, which allows remote authenticated users to authenticate using an expired password.
Freeradius Freeradius 2.1.4
Freeradius Freeradius 2.1.12
Freeradius Freeradius 0.2
Freeradius Freeradius 0.4
Freeradius Freeradius 1.0.1
Freeradius Freeradius 1.0.2
Freeradius Freeradius 1.1.3
Freeradius Freeradius 1.1.5
Freeradius Freeradius 2.1.2
Freeradius Freeradius
Freeradius Freeradius 2.1.3
Freeradius Freeradius 0.1
Freeradius Freeradius 2.0.4
Freeradius Freeradius 2.1.9
Freeradius Freeradius 0.8.1
Freeradius Freeradius 0.9.3
Freeradius Freeradius 1.0.0
Freeradius Freeradius 0.9.1
Freeradius Freeradius 1.1.2
Freeradius Freeradius 1.1.4
Freeradius Freeradius 1.1.8
Freeradius Freeradius 0.6
4.3
CVSSv3
CVE-2020-35934
The Advanced Access Manager plugin prior to 6.6.2 for WordPress displays the unfiltered user object (including all metadata) upon login via the REST API (aam/v1/authenticate or aam/v2/authenticate). This is a security problem if this object stores information that the user is not...
Vasyltech Advanced Access Manager
NA
CVE-2001-0101
Vulnerability in fetchmail 5.5.0-2 and previous versions in the AUTHENTICATE GSSAPI command.
Fetchmail Fetchmail 5.3.8
Fetchmail Fetchmail 5.3.3
Fetchmail Fetchmail 5.2.1
Fetchmail Fetchmail 5.2.0
Fetchmail Fetchmail 5.0.3
Fetchmail Fetchmail 5.0.2
Fetchmail Fetchmail 4.7.3
Fetchmail Fetchmail 4.7.2
Fetchmail Fetchmail 4.6.5
Fetchmail Fetchmail 4.6.4
Fetchmail Fetchmail 4.5.5
Fetchmail Fetchmail 4.5.4
Fetchmail Fetchmail 5.4.5
Fetchmail Fetchmail 5.2.8
Fetchmail Fetchmail 5.2.7
Fetchmail Fetchmail 5.0.8
Fetchmail Fetchmail 5.0.7
Fetchmail Fetchmail 5.0.6
Fetchmail Fetchmail 4.7.7
Fetchmail Fetchmail 4.7.6
Fetchmail Fetchmail 4.6.9
Fetchmail Fetchmail 4.6.8
7.5
CVSSv3
CVE-2022-2306
Old session tokens can be used to authenticate to the application and send authenticated requests.
Heroiclabs Nakama
9.8
CVSSv3
CVE-2023-24093
An access control issue in H3C A210-G A210-GV100R005 allows malicious users to authenticate without a password.
H3c A210-g Firmware A210-gv100r005
9.1
CVSSv3
CVE-2022-24797
Pomerium is an identity-aware access proxy. In distributed service mode, Pomerium's Authenticate service exposes pprof debug and prometheus metrics handlers to untrusted traffic. This can leak potentially sensitive environmental information or lead to limited denial of servi...
Pomerium Pomerium
NA
CVE-2006-6239
webadmin in MailEnable NetWebAdmin Professional 2.32 and Enterprise 2.32 allows remote malicious users to authenticate using an empty password.
Mailenable Netwebadmin Enterprise 2.32
Mailenable Netwebadmin Professional 2.32
5.9
CVSSv3
CVE-2016-8918
IBM Integration Bus, under non default configurations, could allow a remote user to authenticate without providing valid credentials.
Ibm Integration Bus 10.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »