Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
authenticate vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2006-6239
webadmin in MailEnable NetWebAdmin Professional 2.32 and Enterprise 2.32 allows remote malicious users to authenticate using an empty password.
Mailenable Netwebadmin Enterprise 2.32
Mailenable Netwebadmin Professional 2.32
6.4
CVSSv2
CVE-2022-24797
Pomerium is an identity-aware access proxy. In distributed service mode, Pomerium's Authenticate service exposes pprof debug and prometheus metrics handlers to untrusted traffic. This can leak potentially sensitive environmental information or lead to limited denial of servi...
Pomerium Pomerium
10
CVSSv2
CVE-2002-2279
Unspecified vulnerability in the bind function in config.inc of aldap 0.09 allows remote malicious users to authenticate with Manager permissions.
Aldap Aldap 0.09
7.5
CVSSv2
CVE-2001-1507
OpenSSH prior to 3.0.1 with Kerberos V enabled does not properly authenticate users, which could allow remote malicious users to login unchallenged.
Openbsd Openssh 3.0
Openbsd Openssh 3.0p1
NA
CVE-2024-25650
Insecure key exchange between Delinea PAM Secret Server 11.4 and the Distributed Engine 8.4.3 allows a PAM administrator to obtain the Symmetric Key (used to encrypt RabbitMQ messages) via crafted payloads to the /pre-authenticate, /authenticate, and /execute-and-respond REST API...
7.5
CVSSv2
CVE-2014-0097
The ActiveDirectoryLdapAuthenticator in Spring Security 3.2.0 to 3.2.1 and 3.1.0 to 3.1.5 does not check the password length. If the directory allows anonymous binds then it may incorrectly authenticate a user who supplies an empty password.
Vmware Spring Security 3.1.1
Vmware Spring Security 3.1.2
Vmware Spring Security 3.1.3
Vmware Spring Security 3.2.0
Vmware Spring Security 3.1.4
Vmware Spring Security 3.1.5
Vmware Spring Security 3.1.0
Vmware Spring Security 3.2.1
2.1
CVSSv2
CVE-2020-11723
Cellebrite UFED 5.0 up to and including 7.29 uses four hardcoded RSA private keys to authenticate to the ADB daemon on target devices. Extracted keys can be used to place evidence onto target devices when performing a forensic extraction.
Cellebrite Ufed Firmware
NA
CVE-2023-48250
The vulnerability allows a remote malicious user to authenticate to the web application with high privileges through multiple hidden hard-coded accounts.
Bosch Nexo-os
NA
CVE-2023-48251
The vulnerability allows a remote malicious user to authenticate to the SSH service with root privileges through a hidden hard-coded account.
Bosch Nexo-os
6.8
CVSSv2
CVE-2003-1424
message.php in Petitforum does not properly authenticate users, which allows remote malicious users to impersonate forum users via a modified connect cookie.
Petitforum Petitforum
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »