Vulmon
authenticate vulnerabilities and exploits
5.5
CVSSv3
CVE-2023-35866
In KeePassXC up to and including 2.7.5, a local attacker can make changes to the Database security settings, including master password and second-factor authentication, within an authenticated KeePassXC Database session, without the need to authenticate these changes by entering ...
Keepassxc Keepassxc
1 Github repository
8.1
CVSSv3
CVE-2023-33243
RedTeam Pentesting discovered that the web interface of STARFACE as well as its REST API allows authentication using the SHA512 hash of the password instead of the cleartext password. While storing password hashes instead of cleartext passwords in an application's database g...
Starface Starface
1 Github repository
3.9
CVSSv3
CVE-2023-20867
A fully compromised ESXi host can force VMware Tools to fail to authenticate host-to-guest operations, impacting the confidentiality and integrity of the guest virtual machine.
Vmware Tools
3 Articles
5.3
CVSSv3
CVE-2023-32312
UmbracoIdentityExtensions is an Umbraco add-on package that enables easy extensibility points for ASP.Net Identity integration. In affected versions client secrets are not required which may expose some endpoints to untrusted actors. Since Umbraco is not a single-page application...
Umbraco Umbraco Identity Extensibility
9.8
CVSSv3
CVE-2023-34409
In Percona Monitoring and Management (PMM) server 2.x prior to 2.37.1, the authenticate function in auth_server.go does not properly formalize and sanitize URL paths to reject path traversal attempts. This allows an unauthenticated remote user, when a crafted POST request is made...
Percona Monitoring And Management
9.8
CVSSv3
CVE-2023-31458
A vulnerability in the Edge Gateway component of Mitel MiVoice Connect versions 19.3 SP2 (22.24.1500.0) and previous versions could allow an unauthenticated attacker with internal network access to authenticate with administrative privileges, because initial installation does not...
Mitel Mivoice Connect
8.8
CVSSv3
CVE-2023-31459
A vulnerability in the Connect Mobility Router component of Mitel MiVoice Connect versions 9.6.2208.101 and previous versions could allow an unauthenticated attacker with internal network access to authenticate with administrative privileges, because the initial installation does...
Mitel Mivoice Connect
9.8
CVSSv3
CVE-2023-32347
Teltonika's Remote Management System versions before 4.10.0 use device serial numbers and MAC addresses to identify devices from the user perspective for device claiming and from the device perspective for authentication. If an attacker obtained the serial number and MAC a...
Teltonika Remote Management System
8.8
CVSSv3
CVE-2023-20003
A vulnerability in the social login configuration option for the guest users of Cisco Business Wireless Access Points (APs) could allow an unauthenticated, adjacent malicious user to bypass social login authentication. This vulnerability is due to a logic error with the social lo...
Cisco Business 140ac Access Point Firmware
Cisco Business 141acm Firmware
Cisco Business 142acm Firmware
Cisco Business 143acm Firmware
Cisco Business 151axm Firmware 10.4.2
Cisco Business 145ac Access Point Firmware
Cisco Business 150ax Access Point Firmware 10.4.2
Cisco Business 240ac Access Point Firmware
4.9
CVSSv3
CVE-2023-25495
A valid, authenticated administrative user can query a web interface API to reveal the configured LDAP client password used by XCC to authenticate to an external LDAP server in certain configurations. There is no exposure where no LDAP client password is configured.
Lenovo Thinkagile Hx5530 Firmware
Lenovo Thinkagile Hx7530 Firmware
Lenovo Thinkagile Vx3331 Firmware
Lenovo Thinkagile Hx Enclosure Firmware
Lenovo Thinkagile Hx1021 Firmware
Lenovo Thinkagile Hx1320 Firmware
Lenovo Thinkagile Hx1321 Firmware
Lenovo Thinkagile Hx1331 Firmware
Lenovo Thinkagile Hx1520-r Firmware
Lenovo Thinkagile Hx1521-r Firmware
Lenovo Thinkagile Hx2320-e Firmware
Lenovo Thinkagile Hx2321 Firmware
Lenovo Thinkagile Hx2330 Firmware
Lenovo Thinkagile Hx2330 Firmware 2.93 Afbt30p
Lenovo Thinkagile Hx2331 Firmware
Lenovo Thinkagile Hx2720-e Firmware
Lenovo Thinkagile Hx3320 Firmware
Lenovo Thinkagile Hx3321 Firmware
Lenovo Thinkagile Hx3330 Firmware
Lenovo Thinkagile Hx3331 Firmware
Lenovo Thinkagile Hx3375 Firmware
Lenovo Thinkagile Hx3376 Firmware