408 matches found
SUSE CVE-2006-2224
RIPd in Quagga 0.98 and 0.99 before 20060503 does not properly enforce RIPv2 authentication requirements, which allows remote attackers to modify routing state via RIPv1 RESPONSE packets...
SUSE CVE-2018-18505
An earlier fix for an Inter-process Communication IPC vulnerability, CVE-2011-3079, added authentication to communication between IPC endpoints and server parents during IPC process creation. This authentication is insufficient for channels created after the IPC process is started, leading to the...
PT-2023-2270 · Solarwinds · Solarwinds Server/Application Monitor
Name of the Vulnerable Software and Affected Versions: Solarwinds Server & Application Monitor affected versions not specified Description: The issue is related to weaknesses in the authentication procedure, allowing a remote attacker to bypass authentication and access confidential information...
The vulnerability of the Git-based software platform for collaborative code development on GitLab allows a hacker to circumvent security restrictions.
The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to shortcomings in the authentication process when managing keys and tokens using deployment scripts. Exploiting this vulnerability allows a malicious actor to circumvent security...
plugin: Lack of authentication mechanism in Git Plugin webhook
A missing permission check in Jenkins Git Plugin 4.11.3 and earlier allows unauthenticated attackers to trigger builds of jobs configured to use an attacker-specified Git repository and to cause them to check out an attacker-specified commit...
The vulnerability of TP-Link SG105PE microcontroller software, related to deficiencies in authentication procedures, allows attackers to bypass the authentication process.
The vulnerability of TP-Link SG105PE switch’s microprogramming software is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to bypass the authentication process remotely...
The vulnerability of the web interface of the microprogramming software for Cisco IP Phones 7800 and Cisco IP Phone 8800 allows a malicious individual to gain unauthorized access to protected information and enhance their privileges.
The vulnerability of the web interface of Cisco IP Phones 7800 and 8800 microprogramming software is related to deficiencies in authentication procedures. Exploiting this vulnerability can allow unauthorized actors to gain unauthorized access to protected information and increase their privileges...
The vulnerability of Citrix ADC application delivery controllers (formerly known as Citrix NetScaler Application Delivery Controller), as well as Citrix Gateway access control systems (formerly known as Citrix NetScaler Gateway), stems from insufficient verification of data authenticity. This allows attackers to gain access to servers configured in RDP proxy mode.
The vulnerability of Citrix ADC application delivery controllers formerly known as Citrix NetScaler Application Delivery Controller and Citrix Gateway access control systems formerly known as Citrix NetScaler Gateway is related to insufficient data authentication checks. Exploiting this...
PT-2022-7107 · Ibm · Ibm Security Verify Governance
Name of the Vulnerable Software and Affected Versions: IBM Security Verify Governance, Identity Manager version 10.0.1 Description: The issue is related to weaknesses in the authentication procedure of the Identity Manager component, which could allow an authenticated user to modify or cancel any...
The vulnerability of the implementation of the AAA TACACS+ protocol in the Brocade Fabric OS operating system allows a intruder to trigger a service failure.
The vulnerability of the aaa tacacs+ protocol implementation in the Brocade Fabric OS operating system is related to deficiencies in the authentication mechanism. Exploiting this vulnerability could allow a malicious actor to cause service interruptions remotely...
The vulnerability of the RDP server FreeRDP, related to deficiencies in the authentication process, allows attackers to bypass the authentication process.
The vulnerability of the RDP server FreeRDP is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to bypass the authentication process remotely...
The vulnerability of the Home Network Administration Protocol (HNAP) implementation in D-Link DIR-1935 router microsoftware allows a hacker to circumvent security restrictions.
The vulnerability of the Home Network Administration Protocol HNAP implementation in D-Link DIR-1935 router microprogramming software is related to deficiencies in authentication procedures. Exploiting this vulnerability allows a malicious actor to circumvent security restrictions remotely...
PT-2022-24213 · Unknown · Upsmon Pro
Name of the Vulnerable Software and Affected Versions: UPSMON Pro affected versions not specified Description: The UPSMON Pro login function has insufficient authentication, allowing an unauthenticated remote attacker to bypass authentication and gain administrator privileges to access, control t...
Cisco Adaptive Security Appliance(ASA)Software和Cisco Firepower Threat Defense(FTD)Software 安全漏洞
Cisco Firepower Threat Defense FTD and Cisco Adaptive Security Appliance are both products of Cisco Corporation.Cisco Firepower Threat Defense is a suite of unified software that provides next-generation firewall services. Cisco Adaptive Security Appliance is a network appliance. It is used to...
CVE-2022-37298
Shinken Solutions Shinken Monitoring Version 2.4.3 affected is vulnerable to Incorrect Access Control. The SafeUnpickler class found in shinken/safepickle.py implements a weak authentication scheme when unserializing objects passed from monitoring nodes to the Shinken monitoring server...
The vulnerability of the SMTP server of the SuiteCRM system, which manages customer relationships, allows attackers to compromise the integrity of the protected information.
The vulnerability of the SMTP server of the SuiteCRM system for managing customer relationships is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to compromise the integrity of the protected information...
The vulnerability of the Valmet System 2019 software suite (Metso DNA) lies in the lack of authentication for a critical function, allowing a perpetrator to execute arbitrary codes.
The vulnerability of the Valmet System 2019 software suite Metso DNA is related to the lack of authentication for a critical function. Exploiting this vulnerability allows a remote attacker to execute any code on the server...
The vulnerability of Xen hypervisors, related to deficiencies in the authorization process, allows attackers to gain unauthorized access to protected information.
The vulnerability of Xen hypervisors is related to deficiencies in the authentication process. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...
The vulnerability of the Corosync/Pacemaker PCS configuration tool is related to deficiencies in the authentication process, which allows attackers to escalate their privileges.
The vulnerability of the Corosync/Pacemaker PCS configuration tool is related to deficiencies in the authentication process. Exploiting this vulnerability can allow a malicious actor to gain increased privileges remotely...
The vulnerability of the API component of the Cisco ACI Multi-Site Orchestrator (MSO) allows a attacker to increase their privileges.
The vulnerability of the API component of the Cisco ACI Multi-Site Orchestrator MSO is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to gain increased privileges...