Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
authenticate vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2020-15835
An issue exists on Mofi Network MOFI4500-4GXeLTE 4.1.5-std devices. The authentication function contains undocumented code that provides the ability to authenticate as root without knowing the actual root password. An adversary with the private key can remotely authenticate to th...
Mofinetwork Mofi4500-4gxelte Firmware 4.1.5-std
NA
CVE-1999-0005
Arbitrary command execution via IMAP buffer overflow in authenticate command.
University Of Washington Imap 10.234
Netscape Messaging Server 3.55
1 EDB exploit
NA
CVE-2001-0101
Vulnerability in fetchmail 5.5.0-2 and previous versions in the AUTHENTICATE GSSAPI command.
Fetchmail Fetchmail 5.3.8
Fetchmail Fetchmail 5.3.3
Fetchmail Fetchmail 5.2.1
Fetchmail Fetchmail 5.2.0
Fetchmail Fetchmail 5.0.3
Fetchmail Fetchmail 5.0.2
Fetchmail Fetchmail 4.7.3
Fetchmail Fetchmail 4.7.2
Fetchmail Fetchmail 4.6.5
Fetchmail Fetchmail 4.6.4
Fetchmail Fetchmail 4.5.5
Fetchmail Fetchmail 4.5.4
Fetchmail Fetchmail 5.4.5
Fetchmail Fetchmail 5.2.8
Fetchmail Fetchmail 5.2.7
Fetchmail Fetchmail 5.0.8
Fetchmail Fetchmail 5.0.7
Fetchmail Fetchmail 5.0.6
Fetchmail Fetchmail 4.7.7
Fetchmail Fetchmail 4.7.6
Fetchmail Fetchmail 4.6.9
Fetchmail Fetchmail 4.6.8
4.3
CVSSv3
CVE-2020-35934
The Advanced Access Manager plugin prior to 6.6.2 for WordPress displays the unfiltered user object (including all metadata) upon login via the REST API (aam/v1/authenticate or aam/v2/authenticate). This is a security problem if this object stores information that the user is not...
Vasyltech Advanced Access Manager
NA
CVE-2011-4966
modules/rlm_unix/rlm_unix.c in FreeRADIUS prior to 2.2.0, when unix mode is enabled for user authentication, does not properly check the password expiration in /etc/shadow, which allows remote authenticated users to authenticate using an expired password.
Freeradius Freeradius 2.1.4
Freeradius Freeradius 2.1.12
Freeradius Freeradius 0.2
Freeradius Freeradius 0.4
Freeradius Freeradius 1.0.1
Freeradius Freeradius 1.0.2
Freeradius Freeradius 1.1.3
Freeradius Freeradius 1.1.5
Freeradius Freeradius 2.1.2
Freeradius Freeradius
Freeradius Freeradius 2.1.3
Freeradius Freeradius 0.1
Freeradius Freeradius 2.0.4
Freeradius Freeradius 2.1.9
Freeradius Freeradius 0.8.1
Freeradius Freeradius 0.9.3
Freeradius Freeradius 1.0.0
Freeradius Freeradius 0.9.1
Freeradius Freeradius 1.1.2
Freeradius Freeradius 1.1.4
Freeradius Freeradius 1.1.8
Freeradius Freeradius 0.6
7.5
CVSSv3
CVE-2022-2306
Old session tokens can be used to authenticate to the application and send authenticated requests.
Heroiclabs Nakama
9.8
CVSSv3
CVE-2023-24093
An access control issue in H3C A210-G A210-GV100R005 allows malicious users to authenticate without a password.
H3c A210-g Firmware A210-gv100r005
NA
CVE-2013-2157
OpenStack Keystone Folsom, Grizzly prior to 2013.1.3, and Havana, when using LDAP with Anonymous binding, allows remote malicious users to bypass authentication via an empty password.
Openstack Keystone
7.5
CVSSv3
CVE-2020-12789
The Secure Monitor in Microchip Atmel ATSAMA5 products use a hardcoded key to encrypt and authenticate secure applets.
Microchip Atsama5d21c-cu Firmware -
Microchip Atsama5d21c-cur Firmware -
Microchip Atsama5d22c-cn Firmware -
Microchip Atsama5d22c-cnr Firmware -
Microchip Atsama5d22c-cu Firmware -
Microchip Atsama5d22c-cur Firmware -
Microchip Atsama5d23c-cn Firmware -
Microchip Atsama5d23c-cnr Firmware -
Microchip Atsama5d23c-cu Firmware -
Microchip Atsama5d23c-cur Firmware -
Microchip Atsama5d24c-cu Firmware -
Microchip Atsama5d24c-cuf Firmware -
Microchip Atsama5d24c-cur Firmware -
Microchip Atsama5d26c-cn Firmware -
Microchip Atsama5d26c-cnr Firmware -
Microchip Atsama5d26c-cu Firmware -
Microchip Atsama5d26c-cur Firmware -
Microchip Atsama5d27c-cn Firmware -
Microchip Atsama5d27c-cnr Firmware -
Microchip Atsama5d27c-cu Firmware -
Microchip Atsama5d27c-cur Firmware -
Microchip Atsama5d28c-cn Firmware -
1 Github repository
NA
CVE-2006-6239
webadmin in MailEnable NetWebAdmin Professional 2.32 and Enterprise 2.32 allows remote malicious users to authenticate using an empty password.
Mailenable Netwebadmin Enterprise 2.32
Mailenable Netwebadmin Professional 2.32
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »