24 matches found
CVE-2026-54817
Authentication Bypass Using an Alternate Path or Channel vulnerability in FluxBuilder MStore API allows Password Recovery Exploitation. This issue affects MStore API: from n/a through 4.18.4...
CVE-2026-49062
Authentication Bypass Using an Alternate Path or Channel vulnerability in WP Engine Faust.Js allows Password Recovery Exploitation. This issue affects Faust.Js: from n/a through 1.8.7...
CVE-2025-41273
Nozomi Networks Labs identified a CWE-288: Authentication Bypass Using an Alternate Path or Channel in the Console WebUI in Waterfall WF-500 TX and RX Hosts in version 7.9.1.0 R2502171040 that allows remote unauthenticated attackers to bypass authentication of the Console web application and...
CVE-2026-42749
Authentication Bypass Using an Alternate Path or Channel vulnerability in Themeisle Disable Comments for Any Post Types Remove comments comments-plus allows Password Recovery Exploitation.This issue affects Disable Comments for Any Post Types Remove comments: from n/a through = 1.3.0...
PT-2026-43647
Authentication Bypass Using an Alternate Path or Channel vulnerability in Iqonic Design KiviCare kivicare-clinic-management-system allows Password Recovery Exploitation.This issue affects KiviCare: from n/a through = 4.3.0...
CVE-2026-27049
Authentication Bypass Using an Alternate Path or Channel vulnerability in NooTheme Jobica Core jobica-core allows Authentication Abuse.This issue affects Jobica Core: from n/a through = 1.4.2...
EUVD-2026-9642
Authentication Bypass Using an Alternate Path or Channel vulnerability in designthemes WeDesignTech Ultimate Booking Addon wedesigntech-ultimate-booking-addon allows Authentication Abuse.This issue affects WeDesignTech Ultimate Booking Addon: from n/a through = 1.0.1...
CVE-2025-69101
Authentication Bypass Using an Alternate Path or Channel vulnerability in AmentoTech Workreap Core workreapcore allows Authentication Abuse.This issue affects Workreap Core: from n/a through = 3.4.1...
EUVD-2025-205658
Authentication Bypass Using an Alternate Path or Channel vulnerability in Mobile Builder Mobile builder allows Authentication Abuse.This issue affects Mobile builder: from n/a through 1.4.2...
CVE-2025-68860
Authentication Bypass Using an Alternate Path or Channel vulnerability in Mobile Builder Mobile builder mobile-builder allows Authentication Abuse.This issue affects Mobile builder: from n/a through = 1.4.2...
CVE-2025-64236
Authentication Bypass Using an Alternate Path or Channel vulnerability in AmentoTech Tuturn allows Authentication Abuse.This issue affects Tuturn: from n/a before 3.6...
CVE-2025-66238 Sunbird DCIM dcTrack and Power IQ Authentication Bypass Using an Alternate Path or Channel
DCIM dcTrack allows an attacker to misuse certain remote access features. An authenticated user with access to the appliance's virtual console could exploit these features to redirect network traffic, potentially accessing restricted services or data on the host machine...
CVE-2025-60041 WordPress Emails Catch All plugin <= 3.5.3 - Broken Authentication vulnerability
Authentication Bypass Using an Alternate Path or Channel vulnerability in Iulia Cazan Emails Catch All emails-catch-all allows Password Recovery Exploitation.This issue affects Emails Catch All: from n/a through = 3.5.3...
CVE-2025-11534
The CVE-2025-11534 vulnerability affects Raisecom Raisecomm RAX701-GC-WP-01 devices, where the SSH daemon (a custom Dropbear fork) can bypass authentication via an undocumented auxiliary path (port 2222) and expose a raw command channel, granting unauthenticated root shell access. Exploitation re...
CVE-2025-8093
Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Authenticator Login allows Authentication Bypass.This issue affects Authenticator Login: from 0.0.0 before 2.1.8...
EUVD-2024-37329
Malicious code in bioql PyPI...
CVE-2025-61733 Apache Kylin: Authentication bypass
Authentication Bypass Using an Alternate Path or Channel vulnerability in Apache Kylin. This issue affects Apache Kylin: from 4.0.0 through 5.0.2. Users are recommended to upgrade to version 5.0.3, which fixes the issue...
CVE-2025-54738
Authentication Bypass Using an Alternate Path or Channel vulnerability in NooTheme Jobmonster noo-jobmonster allows Authentication Abuse.This issue affects Jobmonster: from n/a through = 4.7.9...
CVE-2025-8995
Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Authenticator Login allows Authentication Bypass.This issue affects Authenticator Login: from 0.0.0 before 2.1.4...
CVE-2025-8995
CVE-2025-8995: Drupal Authenticator Login contains an authentication bypass vulnerability in versions prior to 2.1.4. The issue arises in the Authenticator Login module (Drupal) where an alternate path or channel can bypass authentication, effectively allowing login as a user without proper crede...