Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
authenticate vulnerabilities and exploits
(subscribe to this query)
6.7
CVSSv3
CVE-2019-11143
Improper permissions in the software installer for Intel(R) Authenticate prior to 3.8 may allow an authenticated user to potentially enable escalation of privilege via local access.
Intel Authenticate
1 Article
9.8
CVSSv3
CVE-2016-6567
SHDesigns' Resident Download Manager provides firmware update capabilities for Rabbit 2000/3000 CPU boards, which according to the reporter may be used in some industrial control and embedded applications. The Resident Download Manager does not verify that the firmware is au...
Shdesigns Resident Download Manager -
9.8
CVSSv3
CVE-2007-6759
Dataprobe iBootBar (with 2007-09-20 and possibly later released firmware) allows remote malicious users to bypass authentication, and conduct power-cycle attacks on connected devices, via a DCRABBIT cookie.
Dataprobe Ibootbar Firmware
9.8
CVSSv3
CVE-2007-6760
Dataprobe iBootBar (with 2007-09-20 and possibly later beta firmware) allows remote malicious users to bypass authentication, and conduct power-cycle attacks on connected devices, via a DCCOOKIE cookie.
Dataprobe Ibootbar Firmware
8.1
CVSSv3
CVE-2017-3217
CalAmp LMU 3030 series OBD-II CDMA and GSM devices has an SMS (text message) interface that can be deployed where no password is configured for this interface by the integrator / reseller. This interface must be password protected, otherwise, the attacker only needs to know the p...
Calamp Lmu 3030 Obd-ii Firmware -
Calamp Lmu 3030 Cdma Firmware -
Calamp Lmu 3030 Gsm Firmware -
NA
CVE-2010-2940
The auth_send function in providers/ldap/ldap_auth.c in System Security Services Daemon (SSSD) 1.3.0, when LDAP authentication and anonymous bind are enabled, allows remote malicious users to bypass the authentication requirements of pam_authenticate via an empty password.
Fedoraproject Sssd 1.3.0
9.8
CVSSv3
CVE-2004-0772
Double free vulnerabilities in error handling code in krb524d for MIT Kerberos 5 (krb5) 1.2.8 and previous versions may allow remote malicious users to execute arbitrary code.
Mit Kerberos 5
Openpkg Openpkg 2.0
Openpkg Openpkg 2.1
Debian Debian Linux 3.0
8.8
CVSSv3
CVE-2016-2354
The Bluetooth functionality in Lemur Vehicle Monitors BlueDriver prior to 2016-04-07 supports unrestricted pairing without a PIN, which allows remote malicious users to send arbitrary CAN commands by leveraging access to a device inside or adjacent to the vehicle, as demonstrated...
Lemurmonitors Bluedriver
NA
CVE-2005-0198
A logic error in the CRAM-MD5 code for the University of Washington IMAP (UW-IMAP) server, when Challenge-Response Authentication Mechanism with MD5 (CRAM-MD5) is enabled, does not properly enforce all the required conditions for successful authentication, which allows remote mal...
University Of Washington Uw-imap
NA
CVE-2010-3038
Cisco Unified Videoconferencing (UVC) System 5110 and 5115, when the Linux operating system is used, has a default password for the (1) root, (2) cs, and (3) develop accounts, which makes it easier for remote malicious users to obtain access via the (a) FTP or (b) SSH daemon, aka...
Cisco Unified Videoconferencing System 5110 Firmware 7.0.1.13.3
Cisco Unified Videoconferencing System 5115 Firmware 7.0.1.13.3
Cisco Unified Videoconferencing System 5110
Cisco Unified Videoconferencing System 5115
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »