Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
anonymous vulnerabilities and exploits
(subscribe to this query)
7.3
CVSSv3
CVE-2014-0097
The ActiveDirectoryLdapAuthenticator in Spring Security 3.2.0 to 3.2.1 and 3.1.0 to 3.1.5 does not check the password length. If the directory allows anonymous binds then it may incorrectly authenticate a user who supplies an empty password.
Vmware Spring Security 3.1.1
Vmware Spring Security 3.1.2
Vmware Spring Security 3.1.3
Vmware Spring Security 3.2.0
Vmware Spring Security 3.1.4
Vmware Spring Security 3.1.5
Vmware Spring Security 3.1.0
Vmware Spring Security 3.2.1
NA
CVE-2024-2862
This vulnerability allows remote malicious users to reset the password of anonymous users without authorization on the affected LG LED Assistant.
NA
CVE-2004-2633
Unspecified vulnerability in Sesamie 1.0 allows remote anonymous malicious users to gain access to repositories of other users via unknown vectors.
Arjohn Kampman Sesame Rdf Container 1.0 Pre3
Arjohn Kampman Sesame Rdf Container 1.0 Pre4
Arjohn Kampman Sesame Rdf Container 1.0
Arjohn Kampman Sesame Rdf Container 1.0 Pre1
Arjohn Kampman Sesame Rdf Container 1.0 Pre2
8.8
CVSSv3
CVE-2019-10384
Jenkins 2.191 and previous versions, LTS 2.176.2 and previous versions allowed users to obtain CSRF tokens without an associated web session ID, resulting in CSRF tokens that did not expire and could be used to bypass CSRF protection for the anonymous user.
Jenkins Jenkins
Oracle Communications Cloud Native Core Automated Test Suite 1.9.0
Redhat Openshift Container Platform 3.11
Redhat Openshift Container Platform 4.1
6.5
CVSSv3
CVE-2021-43039
An issue exists in Kaseya Unitrends Backup Appliance prior to 10.5.5. The Samba file sharing service allowed anonymous read/write access.
Kaseya Unitrends Backup
NA
CVE-2001-0357
FormMail.pl in FormMail 1.6 and previous versions allows a remote malicious user to send anonymous email (spam) by modifying the recipient and message parameters.
Matt Wright Formmail
NA
CVE-2010-1596
Support Incident Tracker prior to 3.51, when using LDAP authentication with anonymous binds, allows remote malicious users to bypass authentication via an empty password.
Sitracker Support Incident Tracker 3.22pl1
Sitracker Support Incident Tracker 3.23
Sitracker Support Incident Tracker 3.33
Sitracker Support Incident Tracker 3.35
Sitracker Support Incident Tracker 3.50
Sitracker Support Incident Tracker
Sitracker Support Incident Tracker 3.30
Sitracker Support Incident Tracker 3.40
Sitracker Support Incident Tracker 3.24
Sitracker Support Incident Tracker 3.36
Sitracker Support Incident Tracker 3.22
Sitracker Support Incident Tracker 3.21
Sitracker Support Incident Tracker 3.31
Sitracker Support Incident Tracker 3.32
Sitracker Support Incident Tracker 3.41
Sitracker Support Incident Tracker 3.45
NA
CVE-2006-4249
Unspecified vulnerability in PlonePAS in Plone 2.5 and 2.5.1, when anonymous member registration is enabled, allows an malicious user to "masquerade as a group."
Plone Plone 2.5
Plone Plone 2.5.1
NA
CVE-2006-0680
Unspecified vulnerability in WebGUI prior to 6.8.6-gamma allows remote malicious users to create an account, when anonymous registration is disabled, via a certain URL.
Plain Black Webgui 6.2.0 Beta
Plain Black Webgui 6.2.1 Beta
Plain Black Webgui 6.2.7 Gamma
Plain Black Webgui 6.2.8 Gamma
Plain Black Webgui 6.5.3 Beta
Plain Black Webgui 6.5.4 Gamma
Plain Black Webgui 6.6.4 Gamma
Plain Black Webgui 6.6.5 Gamma
Plain Black Webgui 6.7.7 Gamma
Plain Black Webgui 6.7.8 Gamma
Plain Black Webgui 6.1.0
Plain Black Webgui 6.1.1
Plain Black Webgui 6.2.4 Beta
Plain Black Webgui 6.2.5 Beta
Plain Black Webgui 6.2.6 Gamma
Plain Black Webgui 6.5.1 Beta
Plain Black Webgui 6.5.2 Beta
Plain Black Webgui 6.6.2 Gamma
Plain Black Webgui 6.6.3 Gamma
Plain Black Webgui 6.7.5 Gamma
Plain Black Webgui 6.7.6 Gamma
Plain Black Webgui 6.8.5 Gamma
NA
CVE-2024-26643
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout While the rhashtable set gc runs asynchronously, a race allows it to collect elements from anonymous sets with timeouts while it is...
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »