Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
authenticate vulnerabilities and exploits
(subscribe to this query)
409
VMScore
CVE-2019-11143
Improper permissions in the software installer for Intel(R) Authenticate prior to 3.8 may allow an authenticated user to potentially enable escalation of privilege via local access.
Intel Authenticate
1 Article
890
VMScore
CVE-2016-6567
SHDesigns' Resident Download Manager provides firmware update capabilities for Rabbit 2000/3000 CPU boards, which according to the reporter may be used in some industrial control and embedded applications. The Resident Download Manager does not verify that the firmware is au...
Shdesigns Resident Download Manager -
668
VMScore
CVE-2007-6759
Dataprobe iBootBar (with 2007-09-20 and possibly later released firmware) allows remote malicious users to bypass authentication, and conduct power-cycle attacks on connected devices, via a DCRABBIT cookie.
Dataprobe Ibootbar Firmware
668
VMScore
CVE-2007-6760
Dataprobe iBootBar (with 2007-09-20 and possibly later beta firmware) allows remote malicious users to bypass authentication, and conduct power-cycle attacks on connected devices, via a DCCOOKIE cookie.
Dataprobe Ibootbar Firmware
828
VMScore
CVE-2017-3217
CalAmp LMU 3030 series OBD-II CDMA and GSM devices has an SMS (text message) interface that can be deployed where no password is configured for this interface by the integrator / reseller. This interface must be password protected, otherwise, the attacker only needs to know the p...
Calamp Lmu 3030 Obd-ii Firmware -
Calamp Lmu 3030 Cdma Firmware -
Calamp Lmu 3030 Gsm Firmware -
454
VMScore
CVE-2010-2940
The auth_send function in providers/ldap/ldap_auth.c in System Security Services Daemon (SSSD) 1.3.0, when LDAP authentication and anonymous bind are enabled, allows remote malicious users to bypass the authentication requirements of pam_authenticate via an empty password.
Fedoraproject Sssd 1.3.0
668
VMScore
CVE-2004-0772
Double free vulnerabilities in error handling code in krb524d for MIT Kerberos 5 (krb5) 1.2.8 and previous versions may allow remote malicious users to execute arbitrary code.
Mit Kerberos 5
Openpkg Openpkg 2.0
Openpkg Openpkg 2.1
Debian Debian Linux 3.0
712
VMScore
CVE-2016-2354
The Bluetooth functionality in Lemur Vehicle Monitors BlueDriver prior to 2016-04-07 supports unrestricted pairing without a PIN, which allows remote malicious users to send arbitrary CAN commands by leveraging access to a device inside or adjacent to the vehicle, as demonstrated...
Lemurmonitors Bluedriver
668
VMScore
CVE-2005-0198
A logic error in the CRAM-MD5 code for the University of Washington IMAP (UW-IMAP) server, when Challenge-Response Authentication Mechanism with MD5 (CRAM-MD5) is enabled, does not properly enforce all the required conditions for successful authentication, which allows remote mal...
University Of Washington Uw-imap
890
VMScore
CVE-2010-3038
Cisco Unified Videoconferencing (UVC) System 5110 and 5115, when the Linux operating system is used, has a default password for the (1) root, (2) cs, and (3) develop accounts, which makes it easier for remote malicious users to obtain access via the (a) FTP or (b) SSH daemon, aka...
Cisco Unified Videoconferencing System 5110 Firmware 7.0.1.13.3
Cisco Unified Videoconferencing System 5115 Firmware 7.0.1.13.3
Cisco Unified Videoconferencing System 5110
Cisco Unified Videoconferencing System 5115
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »