Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
authentication bypass vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-4358
This vulnerability allows remote attackers to bypass authentication on affected installations of Progress Software Telerik Reporting. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the Register method. The issu...
NA
CVE-2024-2420
LenelS2 NetBox access control and event monitoring system exists to contain Hardcoded Credentials in versions prior to and including 5.6.1 which allows an malicious user to bypass authentication requirements.
NA
CVE-2024-36470
In JetBrains TeamCity prior to 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 authentication bypass was possible in specific edge cases
NA
CVE-2024-5150
The Login with phone number plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.7.26. This is due to the 'activation_code' default value is empty, and the not empty check is missing in the 'lwp_ajax_register' functio...
NA
CVE-2024-5204
The Swiss Toolkit For WP plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.0.7. This is due to the plugin storing custom data in post metadata without an underscore prefix. This makes it possible for authenticated attackers with contr...
NA
CVE-2024-4544
The Pie Register - Social Sites Login (Add on) plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.7.7. This is due to insufficient verification on the user being supplied during a social login through the plugin. This makes it possible...
NA
CVE-2024-5296
D-Link D-View Use of Hard-coded Cryptographic Key Authentication Bypass Vulnerability. This vulnerability allows remote malicious users to bypass authentication on affected installations of D-Link D-View. Authentication is not required to exploit this vulnerability. The specific...
NA
CVE-2024-5168
Improper access control vulnerability in Prodys' Quantum Audio codec affecting versions 2.3.4t and below. This vulnerability could allow an unauthenticated user to bypass authentication entirely and execute arbitrary API requests against the web application.
NA
CVE-2024-29853
An authentication bypass vulnerability in Veeam Agent for Microsoft Windows allows for local privilege escalation.
NA
CVE-2024-32827
Authentication Bypass by Spoofing vulnerability in RafflePress Giveaways and Contests allows Functionality Bypass.This issue affects Giveaways and Contests: from n/a up to and including 1.12.7.
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »