Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
authenticate vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2021-37624
FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.10.7, FreeSWITCH does not authenticate SIP MESSAGE requests, leading to spam a...
Freeswitch Freeswitch
2 Github repositories
NA
CVE-2004-0644
The asn1buf_skiptail function in the ASN.1 decoder library for MIT Kerberos 5 (krb5) 1.2.2 up to and including 1.3.4 allows remote malicious users to cause a denial of service (infinite loop) via a certain BER encoding.
Mit Kerberos 5 1.2.7
Mit Kerberos 5 1.2.8
Mit Kerberos 5 1.2.2
Mit Kerberos 5 1.3
Mit Kerberos 5 1.3.1
Mit Kerberos 5 1.2.5
Mit Kerberos 5 1.2.6
Mit Kerberos 5 1.3.4
Mit Kerberos 5 1.2.3
Mit Kerberos 5 1.2.4
Mit Kerberos 5 1.3.2
Mit Kerberos 5 1.3.3
NA
CVE-2010-3037
goform/websXMLAdminRequestCgi.cgi in Cisco Unified Videoconferencing (UVC) System 5110 and 5115, and possibly Unified Videoconferencing System 3545 and 5230, Unified Videoconferencing 3527 Primary Rate Interface (PRI) Gateway, Unified Videoconferencing 3522 Basic Rate Interfaces ...
Cisco Unified Videoconferencing System 5115 Firmware 7.0.1.13.3
Cisco Unified Videoconferencing System 5110 Firmware 7.0.1.13.3
Cisco Unified Videoconferencing System 5115
Cisco Unified Videoconferencing System 5110
Cisco Unified Videoconferencing System 3527 Primary Rate Interface Gateway Firmware 7.0.1.13.3
Cisco Unified Videoconferencing System 3522 Basic Rate Interface Gateway Firmware 7.0.1.13.3
Cisco Unified Videoconferencing System 3515 Multipoint Control Unit Firmware 7.0.1.13.3
Cisco Unified Videoconferencing System 3545 Firmware 7.0.1.13.3
Cisco Unified Videoconferencing System 5230 Firmware 7.0.1.13.3
Cisco Unified Videoconferencing System 3522 Basic Rate Interface Gateway
Cisco Unified Videoconferencing System 3515 Multipoint Control Unit
Cisco Unified Videoconferencing System 3545
Cisco Unified Videoconferencing System 5230
Cisco Unified Videoconferencing System 3527 Primary Rate Interface Gateway
NA
CVE-2002-0599
Blahz-DNS 0.2 and previous versions allows remote malicious users to bypass authentication and modify configuration by directly requesting CGI programs such as dostuff.php instead of going through the login screen.
Blahz-dns Blahz-dns 0.2
1 EDB exploit
NA
CVE-2001-0553
SSH Secure Shell 3.0.0 on Unix systems does not properly perform password authentication to the sshd2 daemon, which allows local users to gain access to accounts with short password fields, such as locked accounts that use "NP" in the password field.
Ssh Secure Shell 3.0.0
1 EDB exploit
9.8
CVSSv3
CVE-2017-10807
JabberD 2.x (aka jabberd2) prior to 2.6.1 allows anyone to authenticate using SASL ANONYMOUS, even when the sasl.anonymous c2s.xml option is not enabled.
Jabberd2 Jabberd2
NA
CVE-2004-1460
Cisco Secure Access Control Server (ACS) 3.2(3) and previous versions, when configured with an anonymous bind in Novell Directory Services (NDS) and authenticating NDS users with NDS, allows remote malicious users to gain unauthorized access to AAA clients via a blank password.
Cisco Secure Access Control Server 3.0
Cisco Secure Access Control Server 3.1
Cisco Secure Access Control Server 3.2
Cisco Secure Acs Solution Engine
Cisco Secure Access Control Server 3.3
Cisco Secure Access Control Server 3.3\\(1\\)
Cisco Secure Access Control Server 3.2\\(1\\)
Cisco Secure Access Control Server 3.2\\(2\\)
Cisco Secure Access Control Server 3.2\\(3\\)
NA
CVE-2004-1461
Cisco Secure Access Control Server (ACS) 3.2(3) and previous versions spawns a separate unauthenticated TCP connection on a random port when a user authenticates to the ACS GUI, which allows remote malicious users to bypass authentication by connecting to that port from the same ...
Cisco Secure Access Control Server 3.2
Cisco Secure Access Control Server 3.3
Cisco Secure Access Control Server 3.2\\(2\\)
Cisco Secure Access Control Server 3.2\\(3\\)
Cisco Secure Access Control Server 3.0
Cisco Secure Access Control Server 3.1
Cisco Secure Access Control Server 3.3\\(1\\)
Cisco Secure Acs Solution Engine
Cisco Secure Access Control Server 3.2\\(1\\)
NA
CVE-2004-1458
The CSAdmin web administration interface for Cisco Secure Access Control Server (ACS) 3.2(2) build 15 allows remote malicious users to cause a denial of service (hang) via a flood of TCP connections to port 2002.
Cisco Secure Access Control Server 3.2
Cisco Secure Access Control Server 3.3
Cisco Secure Access Control Server 3.2\\(3\\)
Cisco Secure Access Control Server 3.0
Cisco Secure Access Control Server 3.1
Cisco Secure Access Control Server 3.3\\(1\\)
Cisco Secure Acs Solution Engine
Cisco Secure Access Control Server 3.2\\(1\\)
Cisco Secure Access Control Server 3.2\\(2\\)
9.8
CVSSv3
CVE-2020-27780
A flaw was found in Linux-Pam in versions before 1.5.1 in the way it handle empty passwords for non-existing users. When the user doesn't exist PAM try to authenticate with root and in the case of an empty password it successfully authenticate.
Linux-pam Linux-pam
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »