Lucene search
K

24 matches found

Snyk
Snyk
added 2026/07/03 8:18 a.m.7 views

Authentication Bypass by Primary Weakness

Overview Affected versions of this package are vulnerable to Authentication Bypass by Primary Weakness in the STARTTLS process. An attacker can compromise the security of the TLS connection by exploiting a scenario where a new transfer reuses an existing live connection despite a mismatch in TLS...

9.1CVSS6AI score0.0052EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/07/03 8:8 a.m.6 views

CVE-2026-35159

Dell Client Platform BIOS contains an Authentication Bypass by Primary Weakness vulnerability. An unauthenticated attacker with physical access could potentially exploit this vulnerability, leading to Information Disclosure...

5.3CVSS6AI score0.0016EPSS
Exploits0References2
CVE
CVE
added 2026/07/03 8:8 a.m.32 views

CVE-2026-35159

Dell Client Platform BIOS contains an Authentication Bypass by Primary Weakness vulnerability. An unauthenticated attacker with physical access could potentially exploit this vulnerability, leading to Information Disclosure. Affects Dell Client Platform BIOS; root cause and remediation details ar...

5.3CVSS6AI score0.0016EPSS
Exploits0References1
Snyk
Snyk
added 2026/05/15 6:17 a.m.9 views

Authentication Bypass by Primary Weakness

Overview mlflow is a platform to streamline machine learning development, including tracking experiments, packaging code into reproducible runs, and sharing and deploying models. Affected versions of this package are vulnerable to Authentication Bypass by Primary Weakness via the...

8.8CVSS7.8AI score0.01502EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/04/30 12:0 a.m.11 views

PT-2026-36123

Name of the Vulnerable Software and Affected Versions MOVEit Automation versions prior to 2024.1.8 MOVEit Automation versions 2024.0.0 through 2024.1.7 MOVEit Automation versions 2025.0.0 through 2025.0.8 Description An improper authentication flaw allows attackers to bypass authentication...

10CVSS6AI score0.05633EPSS
Exploits0References51
Snyk
Snyk
added 2026/03/05 11:23 a.m.3 views

Authentication Bypass by Primary Weakness

Overview org.keycloak:keycloak-services is an open source identity and access management solution for modern applications and services. Affected versions of this package are vulnerable to Authentication Bypass by Primary Weakness via the SAML Identity Provider authentication process when it is...

8.6CVSS5.8AI score0.00413EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2026/02/20 1:40 p.m.148 views

Exploit for Authentication Bypass by Primary Weakness in Crushftp

No d...

9.8CVSS5.4AI score0.99947EPSS
Exploits18
EUVD
EUVD
added 2026/01/21 3:25 p.m.8 views

EUVD-2026-3663

Authentication Bypass by Primary Weakness vulnerability in Jamf Jamf Pro allows unspecified impact.This issue affects Jamf Pro: from 11.20 through 11.24...

5.3CVSS5.4AI score0.00311EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/09 8:56 a.m.8 views

CVE-2023-4898

Authentication Bypass by Primary Weakness in GitHub repository mintplex-labs/anything-llm prior to 0.0.1...

8.2CVSS6.8AI score0.00585EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-0927

Malicious code in bioql PyPI...

9.8CVSS9.1AI score0.01359EPSS
Exploits0References3
Snyk
Snyk
added 2025/08/05 9:44 p.m.3 views

Authentication Bypass by Primary Weakness

Overview Affected versions of this package are vulnerable to Authentication Bypass by Primary Weakness via r.URL.Path function in the middleware process. An attacker can execute arbitrary system commands or gain control over managed hosts by accessing the backend login path without authentication...

7.7CVSS7.8AI score0.00622EPSS
Exploits0References2
Snyk
Snyk
added 2025/04/30 6:42 p.m.4 views

Authentication Bypass by Primary Weakness

Overview Affected versions of this package are vulnerable to Authentication Bypass by Primary Weakness due to improper handling of certain Check and ListObject calls. An attacker can bypass authorization controls by exploiting these calls. Note: This is only exploitable if Check API or ListObject...

8.5CVSS7.1AI score0.00327EPSS
Exploits0References2
NVD
NVD
added 2025/01/02 12:15 p.m.8 views

CVE-2023-46611

Authentication Bypass by Primary Weakness vulnerability in yourownprogrammer YOP Poll allows Authentication Bypass.This issue affects YOP Poll: from n/a through 6.5.28...

5.3CVSS0.00405EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2024/03/05 1:15 p.m.6 views

CVE-2023-7103

Authentication Bypass by Primary Weakness vulnerability in ZKSoftware Biometric Security Solutions UFace 5 allows Authentication Bypass. This issue affects UFace 5: through 12022024...

9.8CVSS7.3AI score0.0064EPSS
Exploits0References3
Prion
Prion
added 2023/07/17 2:15 p.m.15 views

Authentication flaw

Authentication Bypass by Primary Weakness vulnerability in Oliva Expertise Oliva Expertise EKS allows Collect Data as Provided by Users.This issue affects Oliva Expertise EKS: before 1.2...

5CVSS7.6AI score0.00526EPSS
Exploits0References1Affected Software1
Packet Storm
Packet Storm
added 2023/04/06 12:0 a.m.245 views

modoboa 2.0.4 Admin Takeover

/ Exploit Title: modoboa 2.0.4 - Admin TakeOver Description: Authentication Bypass by Primary Weakness Date: 02/10/2023 Software Link: https://github.com/modoboa/modoboa Version: modoboa/modoboa prior to 2.0.4 Tested on: Arch Linux Exploit Author: 7h3h4ckv157 CVE: CVE-2023-0777 / package main...

9.8CVSS9.4AI score0.15088EPSS
Exploits4
PyPA
PyPA
added 2023/02/10 7:15 p.m.8 views

PYSEC-2023-32

Authentication Bypass by Primary Weakness in GitHub repository modoboa/modoboa prior to 2.0.4...

9.8CVSS6.8AI score0.15088EPSS
Exploits4References6Affected Software1
Vulnrichment
Vulnrichment
added 2023/02/10 12:0 a.m.5 views

CVE-2023-0777 Authentication Bypass by Primary Weakness in modoboa/modoboa

Authentication Bypass by Primary Weakness in GitHub repository modoboa/modoboa prior to 2.0.4...

8.6CVSS7.2AI score0.15088EPSS
Exploits4References3
OSV
OSV
added 2022/12/27 3:30 p.m.22 views

GHSA-WF33-6X33-WCF9 rdiffweb vulnerable to Authentication Bypass by Primary Weakness

In rdiffweb prior to 2.5.5, the username field is not unique to users. This allows exploitation of primary key logic by creating the same name with different combinations & may allow unauthorized access...

8.6CVSS6.7AI score0.0113EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2022/12/27 3:30 p.m.24 views

rdiffweb vulnerable to Authentication Bypass by Primary Weakness

In rdiffweb prior to 2.5.5, the username field is not unique to users. This allows exploitation of primary key logic by creating the same name with different combinations & may allow unauthorized access...

7.2CVSS6.7AI score0.0113EPSS
Exploits1References5Affected Software1
Rows per page
Query Builder