Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
authenticate vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2006-6239
webadmin in MailEnable NetWebAdmin Professional 2.32 and Enterprise 2.32 allows remote malicious users to authenticate using an empty password.
Mailenable Netwebadmin Enterprise 2.32
Mailenable Netwebadmin Professional 2.32
10
CVSSv2
CVE-2002-2279
Unspecified vulnerability in the bind function in config.inc of aldap 0.09 allows remote malicious users to authenticate with Manager permissions.
Aldap Aldap 0.09
NA
CVE-2024-25650
Insecure key exchange between Delinea PAM Secret Server 11.4 and the Distributed Engine 8.4.3 allows a PAM administrator to obtain the Symmetric Key (used to encrypt RabbitMQ messages) via crafted payloads to the /pre-authenticate, /authenticate, and /execute-and-respond REST API...
2.1
CVSSv2
CVE-2020-11723
Cellebrite UFED 5.0 up to and including 7.29 uses four hardcoded RSA private keys to authenticate to the ADB daemon on target devices. Extracted keys can be used to place evidence onto target devices when performing a forensic extraction.
Cellebrite Ufed Firmware
7.5
CVSSv2
CVE-2014-0097
The ActiveDirectoryLdapAuthenticator in Spring Security 3.2.0 to 3.2.1 and 3.1.0 to 3.1.5 does not check the password length. If the directory allows anonymous binds then it may incorrectly authenticate a user who supplies an empty password.
Vmware Spring Security 3.1.1
Vmware Spring Security 3.1.2
Vmware Spring Security 3.1.3
Vmware Spring Security 3.2.0
Vmware Spring Security 3.1.4
Vmware Spring Security 3.1.5
Vmware Spring Security 3.1.0
Vmware Spring Security 3.2.1
7.5
CVSSv2
CVE-2001-1507
OpenSSH prior to 3.0.1 with Kerberos V enabled does not properly authenticate users, which could allow remote malicious users to login unchallenged.
Openbsd Openssh 3.0
Openbsd Openssh 3.0p1
4.3
CVSSv2
CVE-2013-2157
OpenStack Keystone Folsom, Grizzly prior to 2013.1.3, and Havana, when using LDAP with Anonymous binding, allows remote malicious users to bypass authentication via an empty password.
Openstack Keystone
6.8
CVSSv2
CVE-2003-1424
message.php in Petitforum does not properly authenticate users, which allows remote malicious users to impersonate forum users via a modified connect cookie.
Petitforum Petitforum
NA
CVE-2023-40800
The compare_parentcontrol_time function does not authenticate user input parameters, resulting in a post-authentication stack overflow vulnerability in Tenda AC23 v16.03.07.45_cn.
Tenda Ac23 Firmware 16.03.07.45 Cn
NA
CVE-2023-48250
The vulnerability allows a remote malicious user to authenticate to the web application with high privileges through multiple hidden hard-coded accounts.
Bosch Nexo-os
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »