Vulmon
authenticator vulnerabilities and exploits
5.3
CVSSv3
CVE-2018-0412
A vulnerability in the implementation of Extensible Authentication Protocol over LAN (EAPOL) functionality in Cisco Small Business 100 Series Wireless Access Points and Cisco Small Business 300 Series Wireless Access Points could allow an unauthenticated, adjacent malicious user ...
Cisco Wap121 Firmware
Cisco Wap125 Firmware
Cisco Wap131 Firmware
Cisco Wap150 Firmware
Cisco Wap321 Firmware
Cisco Wap351 Firmware
Cisco Wap361 Firmware
Cisco Wap371 Firmware
5.9
CVSSv3
CVE-2019-7218
Citrix ShareFile prior to 19.23 allows a downgrade from two-factor authentication to one-factor authentication. An attacker with access to the offline victim's OTP physical token or virtual app (like Google Authenticator) is able to bypass the first authentication phase (use...
Citrix Sharefile
7.5
CVSSv3
CVE-2020-12783
Exim up to and including 4.93 has an out-of-bounds read in the SPA authenticator that could result in SPA/NTLM authentication bypass in auths/spa.c and auths/auth-spa.c.
Exim Exim
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
6.5
CVSSv3
CVE-2020-1688
On Juniper Networks SRX Series and NFX Series, a local authenticated user with access to the shell may obtain the Web API service private key that is used to provide encrypted communication between the Juniper device and the authenticator services. Exploitation of this vulnerabil...
Juniper Junos 12.3x48
Juniper Junos 15.1x49
Juniper Junos 16.1
Juniper Junos 17.2
Juniper Junos 17.3
Juniper Junos 17.4
Juniper Junos 18.1
Juniper Junos 18.2
Juniper Junos 18.3
Juniper Junos 18.4
Juniper Junos 19.1
Juniper Junos 19.2
NA
CVE-2014-7998
Cisco IOS on Aironet access points, when "dot11 aaa authenticator" debugging is enabled, allows remote malicious users to cause a denial of service via a malformed EAP packet, aka Bug ID CSCul15509.
Cisco Ios -
6.8
CVSSv3
CVE-2021-31924
Yubico pam-u2f prior to 1.1.1 has a logic issue that, depending on the pam-u2f configuration and the application used, could lead to a local PIN bypass. This issue does not allow user presence (touch) or cryptographic signature verification to be bypassed, so an attacker would st...
Yubico Pam-u2f
Fedoraproject Fedora 34
Fedoraproject Fedora 35
NA
CVE-2012-4431
org/apache/catalina/filters/CsrfPreventionFilter.java in Apache Tomcat 6.x prior to 6.0.36 and 7.x prior to 7.0.32 allows remote malicious users to bypass the cross-site request forgery (CSRF) protection mechanism via a request that lacks a session identifier.
Apache Tomcat 6.0.33
Apache Tomcat 6.0.0
Apache Tomcat 6.0.6
Apache Tomcat 6.0.4
Apache Tomcat 6.0.11
Apache Tomcat 6.0.7
Apache Tomcat 6.0.15
Apache Tomcat 6.0.20
Apache Tomcat 6.0.9
Apache Tomcat 6.0.10
Apache Tomcat 6.0.31
Apache Tomcat 6.0.29
Apache Tomcat 6.0.3
Apache Tomcat 6.0.1
Apache Tomcat 6.0.24
Apache Tomcat 6.0.17
Apache Tomcat 6.0
Apache Tomcat 6.0.32
Apache Tomcat 6.0.28
Apache Tomcat 6.0.14
Apache Tomcat 6.0.12
Apache Tomcat 6.0.18
4.8
CVSSv3
CVE-2019-3875
A vulnerability was found in Keycloak prior to 6.0.2. The X.509 authenticator supports the verification of client certificates through the CRL, where the CRL list can be obtained from the URL provided in the certificate itself (CDP) or through the separately configured path. The ...
Redhat Single Sign-on 7.3
Redhat Keycloak
NA
CVE-2012-3546
org/apache/catalina/realm/RealmBase.java in Apache Tomcat 6.x prior to 6.0.36 and 7.x prior to 7.0.30, when FORM authentication is used, allows remote malicious users to bypass security-constraint checks by leveraging a previous setUserPrincipal call and then placing /j_security_...
Apache Tomcat 6.0.33
Apache Tomcat 6.0.0
Apache Tomcat 6.0.6
Apache Tomcat 6.0.11
Apache Tomcat 6.0.7
Apache Tomcat 6.0.4
Apache Tomcat 6.0.15
Apache Tomcat 6.0.20
Apache Tomcat 6.0.9
Apache Tomcat 6.0.10
Apache Tomcat 6.0.31
Apache Tomcat 6.0.29
Apache Tomcat 6.0.3
Apache Tomcat 6.0.1
Apache Tomcat 6.0.24
Apache Tomcat 6.0.17
Apache Tomcat 6.0
Apache Tomcat 6.0.32
Apache Tomcat 6.0.28
Apache Tomcat 6.0.14
Apache Tomcat 6.0.12
Apache Tomcat 6.0.18
6.5
CVSSv3
CVE-2023-21994
Vulnerability in the Oracle Mobile Security Suite product of Oracle Fusion Middleware (component: Android Mobile Authenticator App). Supported versions that are affected are before 11.1.2.3.1. Easily exploitable vulnerability allows unauthenticated attacker with access to the phy...
Oracle Fusion Middleware