Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
authenticate vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2012-3241
The VMware Broker in Eucalyptus 2.0.3 and 3.0.x prior to 3.0.2 does not properly authenticate SOAP requests, which allows remote malicious users to execute arbitrary VMware Broker API commands.
Eucalyptus Eucalyptus 2.0.3
Eucalyptus Eucalyptus 3.0.1
7.8
CVSSv2
CVE-2008-5420
The SAN Manager Master Agent service (aka msragent.exe) in EMC Control Center prior to 6.1 does not properly authenticate SST_SENDFILE requests, which allows remote malicious users to read arbitrary files.
Emc Control Center
Emc Control Center 5.2
4.3
CVSSv2
CVE-2009-4879
The Identity Server in Novell Access Manager prior to 3.1 SP1 allows attackers with disabled Active Directory accounts to authenticate using X.509 authentication, which bypasses intended access restrictions.
Novell Access Manager 3
Novell Access Manager
5
CVSSv2
CVE-2002-0588
PVote prior to 1.9 does not authenticate users for restricted operations, which allows remote malicious users to add or delete polls by modifying parameters to (1) add.php or (2) del.php.
Steve Korbett Pvote 1.0b
Steve Korbett Pvote 1.0
Steve Korbett Pvote 1.0a
Steve Korbett Pvote 1.5
1 EDB exploit
7.5
CVSSv2
CVE-2014-6632
Joomla! 2.5.x prior to 2.5.25, 3.x prior to 3.2.4, and 3.3.x prior to 3.3.4 allows remote malicious users to authenticate and bypass intended access restrictions via vectors involving LDAP authentication.
Joomla Joomla\\! 2.5.24
Joomla Joomla\\! 2.5.23
Joomla Joomla\\! 2.5.8
Joomla Joomla\\! 2.5.7
Joomla Joomla\\! 2.5.6
Joomla Joomla\\! 2.5.5
Joomla Joomla\\! 3.3.0
Joomla Joomla\\! 2.5.17
Joomla Joomla\\! 2.5.16
Joomla Joomla\\! 2.5.15
Joomla Joomla\\! 2.5.14
Joomla Joomla\\! 2.5.0
Joomla Joomla\\! 3.2.3
Joomla Joomla\\! 3.2.2
Joomla Joomla\\! 3.2.1
Joomla Joomla\\! 2.5.21
Joomla Joomla\\! 2.5.19
Joomla Joomla\\! 2.5.13
Joomla Joomla\\! 2.5.11
Joomla Joomla\\! 2.5.9
Joomla Joomla\\! 2.5.4
Joomla Joomla\\! 2.5.2
6.8
CVSSv2
CVE-2017-4919
VMware vCenter Server 5.5, 6.0, 6.5 allows vSphere users with certain, limited vSphere privileges to use the VIX API to access Guest Operating Systems without the need to authenticate.
Vmware Vcenter Server 5.5
Vmware Vcenter Server 6.5
Vmware Vcenter Server 6.0
7.5
CVSSv2
CVE-2013-4552
lib/Auth/Source/External.php in the drupalauth module prior to 1.2.2 for simpleSAMLphp allows remote malicious users to authenticate as an arbitrary user via the user name (uid) in a cookie.
Drupalauth Project Drupalauth
6.8
CVSSv2
CVE-2006-6858
Miredo 0.9.8 up to and including 1.0.5 does not properly authenticate a Teredo bubble during UDP hole punching with HMAC-MD5-64 hashing, which allows remote malicious users to impersonate an arbitrary Teredo client.
Miredo Miredo 0.9.8
Miredo Miredo
Miredo Miredo 1.0.3
Miredo Miredo 1.0.4
5
CVSSv2
CVE-2016-10099
Borg (aka BorgBackup) prior to 1.0.9 has a flaw in the cryptographic protocol used to authenticate the manifest (list of archives), potentially allowing an malicious user to spoof the list of archives.
Borg Project Borg
5.8
CVSSv2
CVE-2019-6687
On versions 15.0.0-15.0.1.1, the BIG-IP ASM Cloud Security Services profile uses a built-in verification mechanism that fails to properly authenticate the X.509 certificate of remote endpoints.
F5 Big-ip Application Security Manager
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »