Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
authenticate vulnerabilities and exploits
(subscribe to this query)
505
VMScore
CVE-2002-0588
PVote prior to 1.9 does not authenticate users for restricted operations, which allows remote malicious users to add or delete polls by modifying parameters to (1) add.php or (2) del.php.
Steve Korbett Pvote 1.0b
Steve Korbett Pvote 1.0
Steve Korbett Pvote 1.0a
Steve Korbett Pvote 1.5
1 EDB exploit
694
VMScore
CVE-2008-5420
The SAN Manager Master Agent service (aka msragent.exe) in EMC Control Center prior to 6.1 does not properly authenticate SST_SENDFILE requests, which allows remote malicious users to read arbitrary files.
Emc Control Center
Emc Control Center 5.2
668
VMScore
CVE-2012-3241
The VMware Broker in Eucalyptus 2.0.3 and 3.0.x prior to 3.0.2 does not properly authenticate SOAP requests, which allows remote malicious users to execute arbitrary VMware Broker API commands.
Eucalyptus Eucalyptus 2.0.3
Eucalyptus Eucalyptus 3.0.1
383
VMScore
CVE-2009-4879
The Identity Server in Novell Access Manager prior to 3.1 SP1 allows attackers with disabled Active Directory accounts to authenticate using X.509 authentication, which bypasses intended access restrictions.
Novell Access Manager 3
Novell Access Manager
668
VMScore
CVE-2014-6632
Joomla! 2.5.x prior to 2.5.25, 3.x prior to 3.2.4, and 3.3.x prior to 3.3.4 allows remote malicious users to authenticate and bypass intended access restrictions via vectors involving LDAP authentication.
Joomla Joomla\\! 2.5.24
Joomla Joomla\\! 2.5.23
Joomla Joomla\\! 2.5.8
Joomla Joomla\\! 2.5.7
Joomla Joomla\\! 2.5.6
Joomla Joomla\\! 2.5.5
Joomla Joomla\\! 3.3.0
Joomla Joomla\\! 2.5.17
Joomla Joomla\\! 2.5.16
Joomla Joomla\\! 2.5.15
Joomla Joomla\\! 2.5.14
Joomla Joomla\\! 2.5.0
Joomla Joomla\\! 3.2.3
Joomla Joomla\\! 3.2.2
Joomla Joomla\\! 3.2.1
Joomla Joomla\\! 2.5.21
Joomla Joomla\\! 2.5.19
Joomla Joomla\\! 2.5.13
Joomla Joomla\\! 2.5.11
Joomla Joomla\\! 2.5.9
Joomla Joomla\\! 2.5.4
Joomla Joomla\\! 2.5.2
668
VMScore
CVE-2013-4552
lib/Auth/Source/External.php in the drupalauth module prior to 1.2.2 for simpleSAMLphp allows remote malicious users to authenticate as an arbitrary user via the user name (uid) in a cookie.
Drupalauth Project Drupalauth
605
VMScore
CVE-2017-4919
VMware vCenter Server 5.5, 6.0, 6.5 allows vSphere users with certain, limited vSphere privileges to use the VIX API to access Guest Operating Systems without the need to authenticate.
Vmware Vcenter Server 5.5
Vmware Vcenter Server 6.5
Vmware Vcenter Server 6.0
445
VMScore
CVE-2016-10099
Borg (aka BorgBackup) prior to 1.0.9 has a flaw in the cryptographic protocol used to authenticate the manifest (list of archives), potentially allowing an malicious user to spoof the list of archives.
Borg Project Borg
668
VMScore
CVE-2002-0718
Web authoring command in Microsoft Content Management Server (MCMS) 2001 allows malicious users to authenticate and upload executable content, by modifying the upload location, aka "Program Execution via MCMS Authoring Function."
Microsoft Content Management Server 2001
605
VMScore
CVE-2006-6858
Miredo 0.9.8 up to and including 1.0.5 does not properly authenticate a Teredo bubble during UDP hole punching with HMAC-MD5-64 hashing, which allows remote malicious users to impersonate an arbitrary Teredo client.
Miredo Miredo 0.9.8
Miredo Miredo
Miredo Miredo 1.0.3
Miredo Miredo 1.0.4
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »