Search Results (3545 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2018-10561 1 Dasannetworks 2 Gpon Router, Gpon Router Firmware 2025-11-05 9.8 Critical
An issue was discovered on Dasan GPON home routers. It is possible to bypass authentication simply by appending "?images" to any URL of the device that requires authentication, as demonstrated by the /menu.html?images/ or /GponForm/diag_FORM?images/ URI. One can then manage the device.
CVE-2014-5412 2 Aveva, Schneider-electric 2 Clearscada, Scada Expert Clearscada 2025-11-04 N/A
Schneider Electric StruxureWare SCADA Expert ClearSCADA 2010 R3 through 2014 R1 allows remote attackers to read database records by leveraging access to the guest account.
CVE-2023-52161 1 Intel 1 Inet Wireless Daemon 2025-11-04 7.5 High
The Access Point functionality in eapol_auth_key_handle in eapol.c in iNet wireless daemon (IWD) before 2.14 allows attackers to gain unauthorized access to a protected Wi-Fi network. An attacker can complete the EAPOL handshake by skipping Msg2/4 and instead sending Msg4/4 with an all-zero key.
CVE-2023-4498 1 Tenda 3 N300, N300 Firmware, N300 Wireless N Vdsl2 Modem Router 2025-11-04 5.3 Medium
Tenda N300 Wireless N VDSL2 Modem Router allows unauthenticated access to pages that in turn should be accessible to authenticated users only
CVE-2023-45866 7 Apple, Bluproducts, Canonical and 4 more 17 Ipados, Iphone Os, Iphone Se and 14 more 2025-11-04 6.3 Medium
Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connection, and accept HID keyboard reports, potentially permitting injection of HID messages when no user interaction has occurred in the Central role to authorize such access. An example affected package is bluez 5.64-0ubuntu1 in Ubuntu 22.04LTS. NOTE: in some cases, a CVE-2020-0556 mitigation would have already addressed this Bluetooth HID Hosts issue.
CVE-2022-4874 1 Netcommwireless 6 Nf20, Nf20 Firmware, Nf20mesh and 3 more 2025-11-04 7.5 High
Authentication bypass in Netcomm router models NF20MESH, NF20, and NL1902 allows an unauthenticated user to access content. In order to serve static content, the application performs a check for the existence of specific characters in the URL (.css, .png etc). If it exists, it performs a "fake login" to give the request an active session to load the file and not redirect to the login page.
CVE-2020-26558 6 Bluetooth, Debian, Fedoraproject and 3 more 35 Bluetooth Core Specification, Debian Linux, Fedora and 32 more 2025-11-04 4.2 Medium
Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing (in the Passkey authentication procedure) by reflection of the public key and the authentication evidence of the initiating device, potentially permitting this attacker to complete authenticated pairing with the responding device using the correct Passkey for the pairing session. The attack methodology determines the Passkey value one bit at a time.
CVE-2020-26557 1 Bluetooth 1 Mesh Profile 2025-11-04 7.5 High
Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device (without possession of the AuthValue used in the provisioning protocol) to determine the AuthValue via a brute-force attack (unless the AuthValue is sufficiently random and changed each time).
CVE-2020-10123 1 Ncr 2 Aptra Xfs, Selfserv Atm 2025-11-04 5.3 Medium
The currency dispenser of NCR SelfSev ATMs running APTRA XFS 05.01.00 or earlier does not adequately authenticate session key generation requests from the host computer, allowing an attacker with physical access to internal ATM components to issue valid commands to dispense currency by generating a new session key that the attacker knows.
CVE-2023-52160 6 Debian, Fedoraproject, Google and 3 more 7 Debian Linux, Fedora, Android and 4 more 2025-11-04 6.5 Medium
The implementation of PEAP in wpa_supplicant through 2.10 allows authentication bypass. For a successful attack, wpa_supplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eap_peap_decrypt vulnerability can then be abused to skip Phase 2 authentication. The attack vector is sending an EAP-TLV Success packet instead of starting Phase 2. This allows an adversary to impersonate Enterprise Wi-Fi networks.
CVE-2023-42935 1 Apple 1 Macos 2025-11-04 5.5 Medium
An authentication issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.6.4. A local attacker may be able to view the previous logged in user’s desktop from the fast user switching screen.
CVE-2020-4427 1 Ibm 1 Data Risk Manager 2025-11-04 9.8 Critical
IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 could allow a remote attacker to bypass security restrictions when configured with SAML authentication. By sending a specially crafted HTTP request, an attacker could exploit this vulnerability to bypass the authentication process and gain full administrative access to the system. IBM X-Force ID: 180532.
CVE-2017-3167 6 Apache, Apple, Debian and 3 more 17 Http Server, Mac Os X, Debian Linux and 14 more 2025-11-04 9.8 Critical
In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed.
CVE-2022-41678 2 Apache, Redhat 4 Activemq, Amq Broker, Jboss Fuse and 1 more 2025-11-03 8.8 High
Once an user is authenticated on Jolokia, he can potentially trigger arbitrary code execution.  In details, in ActiveMQ configurations, jetty allows org.jolokia.http.AgentServlet to handler request to /api/jolokia org.jolokia.http.HttpRequestHandler#handlePostRequest is able to create JmxRequest through JSONObject. And calls to org.jolokia.http.HttpRequestHandler#executeRequest. Into deeper calling stacks, org.jolokia.handler.ExecHandler#doHandleRequest can be invoked through refection. This could lead to RCE through via various mbeans. One example is unrestricted deserialization in jdk.management.jfr.FlightRecorderMXBeanImpl which exists on Java version above 11. 1 Call newRecording. 2 Call setConfiguration. And a webshell data hides in it. 3 Call startRecording. 4 Call copyTo method. The webshell will be written to a .jsp file. The mitigation is to restrict (by default) the actions authorized on Jolokia, or disable Jolokia. A more restrictive Jolokia configuration has been defined in default ActiveMQ distribution. We encourage users to upgrade to ActiveMQ distributions version including updated Jolokia configuration: 5.16.6, 5.17.4, 5.18.0, 6.0.0.
CVE-2023-2283 3 Fedoraproject, Libssh, Redhat 4 Fedora, Libssh, Enterprise Linux and 1 more 2025-11-03 6.5 Medium
A vulnerability was found in libssh, where the authentication check of the connecting client can be bypassed in the`pki_verify_data_signature` function in memory allocation problems. This issue may happen if there is insufficient memory or the memory usage is limited. The problem is caused by the return value `rc,` which is initialized to SSH_ERROR and later rewritten to save the return value of the function call `pki_key_check_hash_compatible.` The value of the variable is not changed between this point and the cryptographic verification. Therefore any error between them calls `goto error` returning SSH_OK.
CVE-2022-24883 2 Fedoraproject, Freerdp 2 Fedora, Freerdp 2025-11-03 7.4 High
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP). Prior to version 2.7.0, server side authentication against a `SAM` file might be successful for invalid credentials if the server has configured an invalid `SAM` file path. FreeRDP based clients are not affected. RDP server implementations using FreeRDP to authenticate against a `SAM` file are affected. Version 2.7.0 contains a fix for this issue. As a workaround, use custom authentication via `HashCallback` and/or ensure the `SAM` database path configured is valid and the application has file handles left.
CVE-2022-24882 2 Fedoraproject, Freerdp 3 Extra Packages For Enterprise Linux, Fedora, Freerdp 2025-11-03 9.1 Critical
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP). In versions prior to 2.7.0, NT LAN Manager (NTLM) authentication does not properly abort when someone provides and empty password value. This issue affects FreeRDP based RDP Server implementations. RDP clients are not affected. The vulnerability is patched in FreeRDP 2.7.0. There are currently no known workarounds.
CVE-2022-0996 2 Fedoraproject, Redhat 4 Fedora, 389 Directory Server, Enterprise Linux and 1 more 2025-11-03 6.5 Medium
A vulnerability was found in the 389 Directory Server that allows expired passwords to access the database to cause improper authentication.
CVE-2022-0547 3 Debian, Fedoraproject, Openvpn 3 Debian Linux, Fedora, Openvpn 2025-11-03 9.8 Critical
OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins when more than one of them makes use of deferred authentication replies, which allows an external user to be granted access with only partially correct credentials.
CVE-2021-3652 2 Port389, Redhat 4 389-ds-base, Directory Server, Enterprise Linux and 1 more 2025-11-03 6.5 Medium
A flaw was found in 389-ds-base. If an asterisk is imported as password hashes, either accidentally or maliciously, then instead of being inactive, any password will successfully match during authentication. This flaw allows an attacker to successfully authenticate as a user whose password was disabled.