Total
3419 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2011-3620 | 1 Apache | 1 Qpid | 2012-08-14 | N/A |
| Apache Qpid 0.12 does not properly verify credentials during the joining of a cluster, which allows remote attackers to obtain access to the messaging functionality and job functionality of a cluster by leveraging knowledge of a cluster-username. | ||||
| CVE-2009-2070 | 1 Opera | 1 Opera Browser | 2012-06-07 | N/A |
| Opera displays a cached certificate for a (1) 4xx or (2) 5xx CONNECT response page returned by a proxy server, which allows man-in-the-middle attackers to spoof an arbitrary https site by letting a browser obtain a valid certificate from this site during one request, and then sending the browser a crafted 502 response page upon a subsequent request. | ||||
| CVE-2012-0675 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2012-05-30 | N/A |
| Time Machine in Apple Mac OS X before 10.7.4 does not require continued use of SRP-based authentication after this authentication method is first used, which allows remote attackers to read Time Capsule credentials by spoofing the backup volume. | ||||
| CVE-2012-1256 | 1 Easyvista | 1 Easyvista | 2012-03-21 | N/A |
| The single sign-on (SSO) implementation in EasyVista before 2010.1.1.89 allows remote attackers to bypass authentication via a modified url_account parameter, in conjunction with a valid login name in the SSPI_HEADER parameter, to index.php. | ||||
| CVE-2011-4214 | 1 Oneorzero | 1 Aims | 2012-01-27 | N/A |
| OneOrZero Action & Information Management System (AIMS) 2.7.0 allows remote attackers to bypass authentication and obtain administrator privileges via a crafted oozimsrememberme cookie. | ||||
| CVE-2011-4644 | 1 Splunk | 1 Splunk | 2012-01-26 | N/A |
| Splunk 4.2.5 and earlier, when a Free license is selected, enables potentially undesirable functionality within an environment that intentionally does not support authentication, which allows remote attackers to (1) read arbitrary files via a management-console session that leverages the ability to create crafted data sources, or (2) execute management commands via an HTTP request. | ||||
| CVE-2011-2176 | 1 Gnome | 1 Networkmanager | 2012-01-19 | N/A |
| GNOME NetworkManager before 0.8.6 does not properly enforce the auth_admin element in PolicyKit, which allows local users to bypass intended wireless network sharing restrictions via unspecified vectors. | ||||
| CVE-2008-0640 | 1 Symantec | 1 Ghost Solutions Suite | 2011-07-25 | N/A |
| Symantec Ghost Solution Suite 1.1 before 1.1 patch 2, 2.0.0, and 2.0.1 does not authenticate connections between the console and the Ghost Management Agent, which allows remote attackers to execute arbitrary commands via unspecified RPC requests in conjunction with ARP spoofing. | ||||
| CVE-2011-1766 | 1 Mediawiki | 1 Mediawiki | 2011-06-16 | N/A |
| includes/User.php in MediaWiki before 1.16.5, when wgBlockDisablesLogin is enabled, does not clear certain cached data after verification of an auth token fails, which allows remote attackers to bypass authentication by creating crafted wikiUserID and wikiUserName cookies, or by leveraging an unattended workstation. | ||||
| CVE-2011-0453 | 1 F-secure | 1 Internet Gatekeeper | 2011-03-11 | N/A |
| F-Secure Internet Gatekeeper for Linux 3.x before 3.03 does not require authentication for reading access logs, which allows remote attackers to obtain potentially sensitive information via a TCP session on the admin UI port. | ||||
| CVE-2009-0492 | 1 Simpleircbot | 1 Simpleircbot | 2011-03-08 | N/A |
| Unspecified vulnerability in SimpleIrcBot before 1.0 Stable has unknown impact and attack vectors related to an "auth vulnerability." | ||||
| CVE-2009-0138 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2011-03-08 | N/A |
| servermgrd (Server Manager) in Apple Mac OS X 10.5.6 does not properly validate authentication credentials, which allows remote attackers to modify the system configuration. | ||||
| CVE-2008-5686 | 1 Ibm | 1 Tivoli Provisioning Manager | 2011-03-08 | N/A |
| IBM Tivoli Provisioning Manager (TPM) before 5.1.1.1 IF0006, when its LDAP service is shared with other applications, does not require that an LDAP user be listed in the TPM user records, which allows remote authenticated users to execute SOAP commands that access arbitrary TPM functionality, as demonstrated by running provisioning workflows. | ||||
| CVE-2008-4223 | 1 Apple | 1 Mac Os X Server | 2011-03-08 | N/A |
| Podcast Producer in Apple Mac OS X 10.5 before 10.5.6 allows remote attackers to bypass authentication and gain administrative access via unspecified vectors. | ||||
| CVE-2008-1130 | 1 Ibm | 1 Websphere Mq | 2011-03-08 | N/A |
| Unspecified vulnerability in IBM WebSphere MQ 6.0.x before 6.0.2.2 and 5.3 before Fix Pack 14 allows attackers to bypass access restrictions for a queue manager via a SVRCONN (MQ client) channel. | ||||
| CVE-2008-0895 | 1 Bea | 1 Weblogic Server | 2011-03-08 | N/A |
| BEA WebLogic Server and WebLogic Express 6.1 through 10.0 allows remote attackers to bypass authentication for application servlets via crafted request headers. | ||||
| CVE-2007-6130 | 1 Gnu | 1 Gnump3d | 2011-03-08 | N/A |
| gnump3d 2.9final does not apply password protection to its plugins, which might allow remote attackers to bypass intended access restrictions. | ||||
| CVE-2007-5862 | 1 Apple | 1 Mac Os X | 2011-03-08 | N/A |
| Java in Mac OS X 10.4 through 10.4.11 allows remote attackers to bypass Keychain access controls and add or delete arbitrary Keychain items via a crafted Java applet. | ||||
| CVE-2007-5797 | 1 Apache | 1 Geronimo | 2011-03-08 | N/A |
| SQLLoginModule in Apache Geronimo 2.0 through 2.1 does not throw an exception for a nonexistent username, which allows remote attackers to bypass authentication via a login attempt with any username not contained in the database. | ||||
| CVE-2007-5391 | 1 Hp | 1 Select Identity | 2011-03-08 | N/A |
| Unspecified vulnerability in HP Select Identity 4.01 through 4.01.010 and 4.10 through 4.13.001 allows remote attackers to obtain unspecified access via unknown vectors. | ||||