Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

authentication bypass vulnerabilities and exploits

(subscribe to this query)

5.5
CVSSv3
CVE-2022-22284
Improper authentication vulnerability in Samsung Internet prior to 16.0.2.19 allows attackers to bypass secret mode password authentication...
Samsung Internet
9.8
CVSSv3
CVE-2020-27780
A flaw was found in Linux-Pam in versions prior to 1.5.1 in the way it handle empty passwords for non-existing users. When the user doesn't exist PAM try to authenticate with root and in the case of an empty password it successfully authenticate....
Linux-pam Linux-pam
6.5
CVE-2021-40693
An authentication bypass risk was identified in the external database authentication functionality, due to a type juggling vulnerability....
Moodle Moodle
7.5
CVSSv3
CVE-2019-1006
An authentication bypass vulnerability exists in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF), allowing signing of SAML tokens with arbitrary symmetric keys, aka 'WCF/WIF SAML Token Authentication Bypass Vulnerability'....
Microsoft .net Framework 2.0Microsoft .net Framework 3.0Microsoft .net Framework 3.5Microsoft .net Framework 4.7.2Microsoft .net Framework 4.8Microsoft .net Framework 3.5.1Microsoft .net Framework 4.5.2Microsoft .net Framework 4.6Microsoft .net Framework 4.6.1Microsoft .net Framework 4.6.2Microsoft .net Framework 4.7Microsoft .net Framework 4.7.1Microsoft Windows 10 1803Microsoft Windows 10 1809Microsoft Windows 10 1903Microsoft Windows Server 2008 -Microsoft Sharepoint Enterprise Server 2016Microsoft Sharepoint Foundation 2013Microsoft Windows Rt 8.1 -Microsoft Windows 10 1607Microsoft Windows 10 1709Microsoft Windows Server 2008 R2Microsoft Windows Server 2012 -Microsoft Sharepoint Server 2019Microsoft Identitymodel 7.0.0Microsoft Windows 7 -Microsoft Windows 8.1 -Microsoft Windows Server 2016 -Microsoft Windows Server 2016 1803Microsoft Windows Server 2016 1903Microsoft Windows Server 2019 -Microsoft Sharepoint Enterprise Server 2013Microsoft Sharepoint Foundation 2010Microsoft Windows 10 -Microsoft Windows 10 1703Microsoft Windows Server 2012 R2
9.8
CVSSv3
CVE-2020-15506
An authentication bypass vulnerability in MobileIron Core & Connector versions 10.3.0.3 and earlier, 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3, 10.5.1.0, 10.5.2.0 and 10.6.0.0 that allows remote attackers to bypass authentication mechanisms via unspecified vectors....
Mobileiron CloudMobileiron CoreMobileiron Enterprise ConnectorMobileiron Reporting DatabaseMobileiron Sentry
9.8
CVSSv3
CVE-2017-5174
An Authentication Bypass issue was discovered in Geutebruck IP Camera G-Cam/EFD-2250 Version 1.11.0.12. An authentication bypass vulnerability has been identified. The existing file system architecture could allow attackers to bypass the access control that may allow remote code...
Geutebruck Ip Camera G-cam Efd-2250 Firmware 1.11.0.12
9.8
CVSSv3
CVE-2021-22507
Authentication bypass vulnerability in Micro Focus Operations Bridge Manager affects versions 2019.05, 2019.11, 2020.05 and 2020.10. The vulnerability could allow remote attackers to bypass user authentication and get unauthorized access....
9.8
CVSSv3
CVE-2018-12984
Hycus CMS 1.0.4 allows Authentication Bypass via "'=' 'OR'" credentials....
Hycus Cms Project Hycus Cms 1.0.4
9.8
CVSSv3
CVE-2022-22956
VMware Workspace ONE Access has two authentication bypass vulnerabilities (CVE-2022-22955 & CVE-2022-22956) in the OAuth2 ACS framework. A malicious actor may bypass the authentication mechanism and execute any operation due to exposed endpoints in the authentication...
Vmware Identity Manager 3.3.3Vmware Identity Manager 3.3.4Vmware Identity Manager 3.3.5Vmware Identity Manager 3.3.6Vmware Vrealize Automation 7.6Vmware Vrealize AutomationVmware Workspace One Access 20.10.0.0Vmware Workspace One Access 20.10.0.1Vmware Workspace One Access 21.08.0.0Vmware Workspace One Access 21.08.0.1
7.5
CVSSv3
CVE-2020-13929
Authentication bypass vulnerability in Apache Zeppelin allows an attacker to bypass Zeppelin authentication mechanism to act as another user. This issue affects Apache Zeppelin Apache Zeppelin version 0.9.0 and prior versions....
Apache Zeppelin
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversalCVE-2023-21068CVE-2023-21077unspecifiedCVE-2023-21070CVE-2023-21016file upload
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook