Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
authenticate vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-4879
The Identity Server in Novell Access Manager prior to 3.1 SP1 allows attackers with disabled Active Directory accounts to authenticate using X.509 authentication, which bypasses intended access restrictions.
Novell Access Manager 3
Novell Access Manager
NA
CVE-2008-5420
The SAN Manager Master Agent service (aka msragent.exe) in EMC Control Center prior to 6.1 does not properly authenticate SST_SENDFILE requests, which allows remote malicious users to read arbitrary files.
Emc Control Center
Emc Control Center 5.2
NA
CVE-2002-0588
PVote prior to 1.9 does not authenticate users for restricted operations, which allows remote malicious users to add or delete polls by modifying parameters to (1) add.php or (2) del.php.
Steve Korbett Pvote 1.0b
Steve Korbett Pvote 1.0
Steve Korbett Pvote 1.0a
Steve Korbett Pvote 1.5
1 EDB exploit
NA
CVE-2012-3241
The VMware Broker in Eucalyptus 2.0.3 and 3.0.x prior to 3.0.2 does not properly authenticate SOAP requests, which allows remote malicious users to execute arbitrary VMware Broker API commands.
Eucalyptus Eucalyptus 2.0.3
Eucalyptus Eucalyptus 3.0.1
NA
CVE-2014-6632
Joomla! 2.5.x prior to 2.5.25, 3.x prior to 3.2.4, and 3.3.x prior to 3.3.4 allows remote malicious users to authenticate and bypass intended access restrictions via vectors involving LDAP authentication.
Joomla Joomla\\! 2.5.24
Joomla Joomla\\! 2.5.23
Joomla Joomla\\! 2.5.8
Joomla Joomla\\! 2.5.7
Joomla Joomla\\! 2.5.6
Joomla Joomla\\! 2.5.5
Joomla Joomla\\! 3.3.0
Joomla Joomla\\! 2.5.17
Joomla Joomla\\! 2.5.16
Joomla Joomla\\! 2.5.15
Joomla Joomla\\! 2.5.14
Joomla Joomla\\! 2.5.0
Joomla Joomla\\! 3.2.3
Joomla Joomla\\! 3.2.2
Joomla Joomla\\! 3.2.1
Joomla Joomla\\! 2.5.21
Joomla Joomla\\! 2.5.19
Joomla Joomla\\! 2.5.13
Joomla Joomla\\! 2.5.11
Joomla Joomla\\! 2.5.9
Joomla Joomla\\! 2.5.4
Joomla Joomla\\! 2.5.2
NA
CVE-2013-4552
lib/Auth/Source/External.php in the drupalauth module prior to 1.2.2 for simpleSAMLphp allows remote malicious users to authenticate as an arbitrary user via the user name (uid) in a cookie.
Drupalauth Project Drupalauth
9
CVSSv3
CVE-2017-4919
VMware vCenter Server 5.5, 6.0, 6.5 allows vSphere users with certain, limited vSphere privileges to use the VIX API to access Guest Operating Systems without the need to authenticate.
Vmware Vcenter Server 5.5
Vmware Vcenter Server 6.5
Vmware Vcenter Server 6.0
5.3
CVSSv3
CVE-2016-10099
Borg (aka BorgBackup) prior to 1.0.9 has a flaw in the cryptographic protocol used to authenticate the manifest (list of archives), potentially allowing an malicious user to spoof the list of archives.
Borg Project Borg
7.5
CVSSv3
CVE-2017-14026
In Ice Qube Thermal Management Center versions prior to version 4.13, the web application does not properly authenticate users which may allow an malicious user to gain access to sensitive information.
Iceqube Thermal Management Center Firmware
7.4
CVSSv3
CVE-2019-6687
On versions 15.0.0-15.0.1.1, the BIG-IP ASM Cloud Security Services profile uses a built-in verification mechanism that fails to properly authenticate the X.509 certificate of remote endpoints.
F5 Big-ip Application Security Manager
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »