Lucene search
K

17 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2013-4438

Malware in sbrugna...

6.8CVSS6.4AI score0.01322EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2014-0847

Malware in sbrugna...

4.9CVSS6.4AI score0.00962EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-3516

Malicious code in bioql PyPI...

6.5CVSS6.3AI score0.04827EPSS
Exploits1References10
RedhatCVE
RedhatCVE
added 2025/05/21 10:9 p.m.12 views

CVE-2005-4266

WorldClient.dll in Alt-N MDaemon and WorldClient 8.1.3 trusts a Session parameter that contains a randomly generated session ID that is associated with a username, which allows remote attackers to perform actions as other users by guessing or sniffing the random value...

7.5CVSS7.1AI score0.01317EPSS
Exploits0References1
Veracode
Veracode
added 2024/02/09 9:19 a.m.23 views

Sensitive Information Exposure

Liferay Portal is vulnerable to Sensitive Information Exposure. The vulnerability is due to the doAsUserId URL parameter being leaked when creating linked content using the WYSIWYG editor and impersonating a user. This can be exploited to potentially allow remote authenticated users to impersonat...

8.1CVSS6.8AI score0.00548EPSS
Exploits0References2Affected Software2
Vulnrichment
Vulnrichment
added 2024/02/01 4:18 p.m.29 views

CVE-2024-23832 Mastodon Remote user impersonation and takeover

Mastodon is a free, open-source social network server based on ActivityPub Mastodon allows configuration of LDAP for authentication. Due to insufficient origin validation in all Mastodon, attackers can impersonate and take over any remote account. Every Mastodon version prior to 3.5.17 is...

9.4CVSS7AI score0.01934EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/02/01 4:18 p.m.32 views

CVE-2024-23832 Mastodon Remote user impersonation and takeover

Mastodon is a free, open-source social network server based on ActivityPub Mastodon allows configuration of LDAP for authentication. Due to insufficient origin validation in all Mastodon, attackers can impersonate and take over any remote account. Every Mastodon version prior to 3.5.17 is...

9.4CVSS9.7AI score0.01934EPSS
Exploits0References3
OSV
OSV
added 2023/11/29 6:56 p.m.19 views

CVE-2023-49079 Misskey's missing signature validation allows arbitrary users to impersonate any remote user.

Misskey is an open source, decentralized social media platform. Misskey's missing signature validation allows arbitrary users to impersonate any remote user. This issue has been patched in version 2023.11.1-beta.1...

9.3CVSS7.6AI score0.004EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/11/29 12:0 a.m.4 views

Misskey Data Falsification Issue Vulnerability

Misskey is a suite of micro-blogging platforms. Misskey 2023.11.0 and prior versions suffer from a Data Forgery Issue vulnerability that stems from a lack of signature validation and allows an arbitrary user to impersonate any remote user...

9.3CVSS7AI score0.004EPSS
Exploits0References1
Prion
Prion
added 2019/03/07 6:29 p.m.15 views

Code injection

Cloud Foundry UAA, versions prior to v70.0, allows a user to update their own email address. A remote authenticated user can impersonate a different user by changing their email address to that of a different user...

4CVSS6.2AI score0.00876EPSS
Exploits0References1Affected Software1
UbuntuCve
UbuntuCve
added 2017/02/09 8:59 p.m.22 views

CVE-2017-5591

An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks. This CVE is for SleekXMPP up to 1.3.1 and...

5.9CVSS6.6AI score0.01263EPSS
Exploits3References5
OSV
OSV
added 2017/02/09 8:59 p.m.18 views

CVE-2017-5592

An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks. This CVE is for profanity 0.4.7 - 0.5.0...

5.9CVSS5.6AI score0.00679EPSS
Exploits2References5
OSV
OSV
added 2015/04/24 2:59 p.m.14 views

CVE-2015-3143

cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use NTLM connections, which allows remote attackers to connect as other users via an unauthenticated request, a similar issue to CVE-2014-0015...

5CVSS7.3AI score0.16222EPSS
Exploits0References23
CVE
CVE
added 2014/10/08 7:0 p.m.41 views

CVE-2014-5375

CVE-2014-5375 affects Adaptive Computing Moab workload manager. It occurs when the Moab server does not properly validate that the message owner matches the submitting user, permitting remote authenticated users to impersonate arbitrary users via the and fields. Affected: Moab prior to 7.2.9 an...

4CVSS6.5AI score0.0168EPSS
Exploits3References5Affected Software1
Cvelist
Cvelist
added 2014/04/24 2:0 p.m.40 views

CVE-2014-0188

The openshift-origin-broker in Red Hat OpenShift Enterprise 2.0.5, 1.2.7, and earlier does not properly handle authentication requests from the remote-user auth plugin, which allows remote attackers to bypass authentication and impersonate arbitrary users via the X-Remote-User header in a request...

6.9AI score0.01667EPSS
Exploits0References3
CVE
CVE
added 2014/02/27 1:0 a.m.60 views

CVE-2014-0817

CVE-2014-0817 affects Cybozu Garoon 2.x (up to 2.5.4) and 3.x (up to 3.7 SP3). The issue is improper session management that enables remote authenticated users to impersonate arbitrary accounts via unspecified vectors. Impact as described across multiple sources: an authenticated user could imper...

4.9CVSS6.5AI score0.00962EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2012/07/20 10:0 a.m.22 views

CVE-2011-4584

The MNET authentication functionality in Moodle 1.9.x before 1.9.15, 2.0.x before 2.0.6, and 2.1.x before 2.1.3 allows remote authenticated users to impersonate other user accounts by using the Login As feature in conjunction with a remote MNET single sign-on capability, as demonstrated by a Maha...

6.2AI score0.01727EPSS
Exploits0References4
Rows per page
Query Builder