15 matches found
EUVD-2018-20467
Malware in sbrugna...
PT-2025-29301 · Undefined · Undefined
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: The provided descriptions indicate an authentication bypass issue. The reason for rejection is stated as 'Not used'. Recommendations: At the moment, there is no information about a newer...
CVE-2022-32429
An authentication-bypass issue in the component http://MYDEVICEIP/cgi-bin-sdb/ExportSettings.sh of Mega System Technologies Inc MSNSwitch MNT.2408 allows unauthenticated attackers to arbitrarily configure settings within the application, leading to remote code execution...
CVE-2021-29441
Nacos is a platform designed for dynamic service discovery and configuration and service management. In Nacos before version 1.4.1, when configured to use authentication (-Dnacos.core.auth.enabled=true), Nacos uses the AuthFilter servlet filter to enforce authentication. This filter has a backdoor...
CVE-2024-56325
Authentication Bypass Issue: If the path does not contain "/" and contains ".", authentication is not required. Expected Normal Request and Response Example curl -X POST -H "Content-Type: application/json" -d...
CVE-2025-25055
Authentication bypass by spoofing issue exists in FileMegane versions above 1.0.0.0 prior to 3.4.0.0, which may lead to user impersonation. If exploited, restricted file contents may be accessed...
Apache Tomcat 10.1.27 < 10.1.31 multiple vulnerabilities
The version of Tomcat installed on the remote host is prior to 10.1.31. It is, therefore, affected by multiple vulnerabilities as referenced in the fixed_in_apache_tomcat_10.1.31_security-10 advisory. - Incorrect object re-cycling and re-use vulnerability in Apache Tomcat. Incorrect recycling of the...
CVE-2023-41081
Important: Authentication Bypass CVE-2023-41081 The mod_jk component of Apache Tomcat Connectors in some circumstances, such as when a configuration included "JkOptions +ForwardDirectories" but the configuration did not provide explicit mounts for all possible proxied requests, mod_jk would use an...
SUSE-SU-2022:2154-1 Security update for salt
This update for salt fixes the following issues: - CVE-2022-22967: Fixed missing check for PAM_ACCT_MGM return value that could lead to authentication bypass when using PAM (bsc#1200566)...
PT-2022-11232 · Reolink · Reolink Rlc-410W
Name of the Vulnerable Software and Affected Versions: reolink RLC-410W version 3.0.0.136 20121102 Description: An authentication bypass issue exists in the cgiserver.cgi Login functionality. A specially-crafted HTTP request can lead to authentication bypass, allowing an attacker to send an HTTP...
Authentication flaw
When attempting to allow authentication mode 'try' in hapi, hapi-auth-jwt2 version 5.1.1 introduced an issue whereby people could bypass authentication...
AlienVault OSSIM/USM < 5.3.1 - Remote Code Execution (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule "AlienVault OSSIM/USM Remote Code Execution", 'Description' = %q This module exploits object injection, authentication bypass an...
DUO-PSA-2014-003: Duo Product Security Advisory
Duo Product Security Advisory Advisory ID: DUO-PSA-2014-003 Publication Date: 2014-01-27 Status: Confirmed, Fixed Document Revision: 2 Overview Duo Security has identified an issue in which it is possible to bypass second factor authentication of Remote Desktop Protocol (RDP) integrations which are...
DUO-PSA-2014-001: Duo Product Security Advisory
Duo Product Security Advisory Advisory ID: DUO-PSA-2014-001 Publication Date: 2014-01-08 Status: Confirmed, Fixed Document Revision: 2 Overview Older versions of the Duo Security Outlook Web Access (OWA) integration may be vulnerable to a bypass of the second authentication factor. Description Unde...
Authentix Security Advisory
Security advisory: Authentix100 Release Date: 1 November 2000 Vendor: Flicks Software http://www.flicks.com Product Description Authentix is a Windows-based product that offers cookie/form-based or 100% cookie-free "Basic Authentication" website protection while keeping NT Users Names and Password...