Search
Total
453 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-6549 | 1 Nutspace | 1 Nut Mobile | 2019-10-09 | 3.3 LOW | 4.3 MEDIUM |
| The Zizai Tech Nut device allows unauthenticated Bluetooth pairing, which enables unauthenticated connected applications to write data to the device name attribute. | |||||
| CVE-2018-8902 | 1 Ivanti | 1 Avalanche | 2019-10-03 | 4.0 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in Ivanti Avalanche for all versions between 5.3 and 6.2. The impacted products used a single shared key encryption model to encrypt data. A user with access to system databases can use the discovered key to access potentially confidential stored data, which may include Wi-Fi passwords. This discovered key can be used for all instances of the product. | |||||
| CVE-2018-3815 | 1 Stalker | 1 Communigate Pro | 2019-10-03 | 3.5 LOW | 5.7 MEDIUM |
| The "XML Interface to Messaging, Scheduling, and Signaling" (XIMSS) protocol implementation in CommuniGate Pro (CGP) 6.2 suffers from a Missing XIMSS Protocol Validation attack that leads to an email spoofing attack, allowing a malicious authenticated attacker to send a message from any source email address. The attack uses an HTTP POST request to a /Session URI, and interchanges the XML From and To elements. | |||||
| CVE-2018-20342 | 1 Floureon | 1 Sp012 | 2019-10-03 | 7.2 HIGH | 6.8 MEDIUM |
| The Floureon IP Camera SP012 provides a root terminal on a UART serial interface without proper access control. This allows attackers with physical access to execute arbitrary commands with root privileges. | |||||
| CVE-2018-19937 | 1 Videolan | 1 Vlc For Mobile | 2019-10-03 | 4.6 MEDIUM | 6.6 MEDIUM |
| A local, authenticated attacker can bypass the passcode in the VideoLAN VLC media player app before 3.1.5 for iOS by opening a URL and turning the phone. | |||||
| CVE-2018-17534 | 1 Teltonika | 6 Rut900, Rut900 Firmware, Rut950 and 3 more | 2019-10-03 | 7.2 HIGH | 6.8 MEDIUM |
| Teltonika RUT9XX routers with firmware before 00.04.233 provide a root terminal on a serial interface without proper access control. This allows attackers with physical access to execute arbitrary commands with root privileges. | |||||
| CVE-2018-1286 | 1 Apache | 1 Openmeetings | 2019-10-03 | 4.0 MEDIUM | 6.5 MEDIUM |
| In Apache OpenMeetings 3.0.0 - 4.0.1, CRUD operations on privileged users are not password protected allowing an authenticated attacker to deny service for privileged users. | |||||
| CVE-2018-11770 | 1 Apache | 1 Spark | 2019-10-03 | 4.9 MEDIUM | 4.2 MEDIUM |
| From version 1.3.0 onward, Apache Spark's standalone master exposes a REST API for job submission, in addition to the submission mechanism used by spark-submit. In standalone, the config property 'spark.authenticate.secret' establishes a shared secret for authenticating requests to submit jobs via spark-submit. However, the REST API does not use this or any other authentication mechanism, and this is not adequately documented. In this case, a user would be able to run a driver program without authenticating, but not launch executors, using the REST API. This REST API is also used by Mesos, when set up to run in cluster mode (i.e., when also running MesosClusterDispatcher), for job submission. Future versions of Spark will improve documentation on these points, and prohibit setting 'spark.authenticate.secret' when running the REST APIs, to make this clear. Future versions will also disable the REST API by default in the standalone master by changing the default value of 'spark.master.rest.enabled' to 'false'. | |||||
| CVE-2018-10825 | 1 Mimobaby | 2 Mimo Baby 2, Mimo Baby 2 Firmware | 2019-10-03 | 2.9 LOW | 5.3 MEDIUM |
| Mimo Baby 2 devices do not use authentication or encryption for the Bluetooth Low Energy (BLE) communication from a Turtle to a Lilypad, which allows attackers to inject fake information about the position and temperature of a baby via a replay or spoofing attack. | |||||
| CVE-2017-8879 | 1 Dolibarr | 1 Dolibarr | 2019-10-03 | 4.6 MEDIUM | 6.8 MEDIUM |
| Dolibarr ERP/CRM 4.0.4 allows password changes without supplying the current password, which makes it easier for physically proximate attackers to obtain access via an unattended workstation. | |||||
| CVE-2017-7650 | 2 Debian, Eclipse | 2 Debian Linux, Mosquitto | 2019-10-03 | 4.0 MEDIUM | 6.5 MEDIUM |
| In Mosquitto before 1.4.12, pattern based ACLs can be bypassed by clients that set their username/client id to '#' or '+'. This allows locally or remotely connected clients to access MQTT topics that they do have the rights to. The same issue may be present in third party authentication/access control plugins for Mosquitto. | |||||
| CVE-2017-6781 | 1 Cisco | 1 Policy Suite | 2019-10-03 | 4.6 MEDIUM | 5.3 MEDIUM |
| A vulnerability in the management of shell user accounts for Cisco Policy Suite (CPS) Software for CPS appliances could allow an authenticated, local attacker to gain elevated privileges on an affected system. The affected privilege level is not at the root level. The vulnerability is due to incorrect role-based access control (RBAC) for shell user accounts. An attacker could exploit this vulnerability by authenticating to an affected appliance and providing crafted user input via the CLI. A successful exploit could allow the attacker to acquire a higher privilege level than should have been granted. To exploit this vulnerability, the attacker must log in to the appliance with valid credentials. Cisco Bug IDs: CSCve37724. Known Affected Releases: 9.0.0, 9.1.0, 10.0.0, 11.0.0, 12.0.0. | |||||
| CVE-2017-6624 | 1 Cisco | 1 Ios | 2019-10-03 | 5.0 MEDIUM | 5.3 MEDIUM |
| A vulnerability in Cisco IOS 15.5(3)M Software for Cisco CallManager Express (CME) could allow an unauthenticated, remote attacker to make unauthorized phone calls. The vulnerability is due to a configuration restriction in the toll-fraud protections component of the affected software. An attacker could exploit this vulnerability to place unauthorized, long-distance phone calls by using an affected system. Cisco Bug IDs: CSCuy40939. | |||||
| CVE-2017-3795 | 1 Cisco | 1 Webex Meetings Server | 2019-10-03 | 6.5 MEDIUM | 5.4 MEDIUM |
| A vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to conduct arbitrary password changes against any non-administrative user. More Information: CSCuz03345. Known Affected Releases: 2.6. Known Fixed Releases: 2.7.1.12. | |||||
| CVE-2017-2721 | 1 Huawei | 22 Berlin-l21, Berlin-l21 Firmware, Berlin-l21hn and 19 more | 2019-10-03 | 2.1 LOW | 4.6 MEDIUM |
| Some Huawei smart phones with software Berlin-L21C10B130,Berlin-L21C185B133,Berlin-L21HNC10B131,Berlin-L21HNC185B140,Berlin-L21HNC432B151,Berlin-L22C636B160,Berlin-L22HNC636B130,Berlin-L22HNC675B150CUSTC675D001,Berlin-L23C605B131,Berlin-L24HNC567B110,FRD-L02C432B120,FRD-L02C635B130,FRD-L02C675B170CUSTC675D001,FRD-L04C567B162,FRD-L04C605B131,FRD-L09C10B130,FRD-L09C185B130,FRD-L09C432B131,FRD-L09C636B130,FRD-L14C567B162,FRD-L19C10B130,FRD-L19C432B131,FRD-L19C636B130 have a factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker can login the configuration flow by Swype Keyboard and can perform some operations to update the Google account. As a result, the FRP function is bypassed. | |||||
| CVE-2017-1783 | 2 Ibm, Netapp | 2 Cognos Analytics, Oncommand Insight | 2019-10-03 | 2.1 LOW | 4.0 MEDIUM |
| IBM Cognos Analytics 11.0 could allow a local user to change parameters set from the Cognos Analytics menus without proper authentication. IBM X-Force ID: 136857. | |||||
| CVE-2017-17161 | 1 Huawei | 2 Duke-l09, Duke-l09 Firmware | 2019-10-03 | 7.2 HIGH | 6.8 MEDIUM |
| The 'Find Phone' function in some Huawei smart phones with software earlier than Duke-L09C10B186 versions, earlier than Duke-L09C432B187 versions, earlier than Duke-L09C636B186 versions has an authentication bypass vulnerability. Due to improper authentication realization in the 'Find Phone' function. An attacker may exploit the vulnerability to bypass the 'Find Phone' function in order to use the phone normally. | |||||
| CVE-2017-16242 | 1 Meco | 2 Usb Memory Stick With Fingerprint, Usb Memory Stick With Fingerprint Firwmare | 2019-10-03 | 7.2 HIGH | 6.8 MEDIUM |
| An issue was discovered on MECO USB Memory Stick with Fingerprint MECOZiolsamDE601 devices. The fingerprint authentication requirement for data access can be bypassed. An attacker with physical access can send a static packet to a serial port exposed on the PCB to unlock the key and get access to the data without possessing the required fingerprint. | |||||
| CVE-2017-15534 | 1 Symantec | 1 Norton App Lock | 2019-10-03 | 7.2 HIGH | 6.7 MEDIUM |
| The Norton App Lock prior to version 1.3.0.13 can be susceptible to an authentication bypass exploit. In this type of circumstance, the exploit can allow the user to kill the app to prevent it from locking the device, thereby allowing the individual to gain device access. | |||||
| CVE-2017-15272 | 1 Psftp | 1 Psftpd | 2019-10-03 | 2.1 LOW | 5.3 MEDIUM |
| The PSFTPd 10.0.4 Build 729 server stores its configuration inside PSFTPd.dat. This file is a Microsoft Access Database and can be extracted. The application sets the encrypt flag with the password "ITsILLEGAL"; however, this password is not required to extract the data. Cleartext is used for a user password. | |||||
| CVE-2017-10709 | 2 Elephone, Google | 2 P9000, Android | 2019-10-03 | 7.2 HIGH | 6.8 MEDIUM |
| The lockscreen on Elephone P9000 devices (running Android 6.0) allows physically proximate attackers to bypass a wrong-PIN lockout feature by pressing backspace after each PIN guess. | |||||
| CVE-2017-1002024 | 1 Kindsoft | 2 Kind Editor, Kindeditor | 2019-10-03 | 4.0 MEDIUM | 4.3 MEDIUM |
| Vulnerability in web application Kind Editor v4.1.12, kindeditor/php/upload_json.php does not check authentication before allow users to upload files. | |||||
| CVE-2017-1000110 | 1 Jenkins | 1 Blue Ocean | 2019-10-03 | 4.0 MEDIUM | 4.3 MEDIUM |
| Blue Ocean allows the creation of GitHub organization folders that are set up to scan a GitHub organization for repositories and branches containing a Jenkinsfile, and create corresponding pipelines in Jenkins. It did not properly check the current user's authentication and authorization when configuring existing GitHub organization folders. This allowed users with read access to the GitHub organization folder to reconfigure it, including changing the GitHub API endpoint for the organization folder to an attacker-controlled server to obtain the GitHub access token, if the organization folder was initially created using Blue Ocean. | |||||
| CVE-2014-2005 | 1 Sophos | 1 Enterprise Console | 2019-09-27 | 6.9 MEDIUM | 6.8 MEDIUM |
| Sophos Disk Encryption (SDE) 5.x in Sophos Enterprise Console (SEC) 5.x before 5.2.2 does not enforce intended authentication requirements for a resume action from sleep mode, which allows physically proximate attackers to obtain desktop access by leveraging the absence of a login screen. | |||||
| CVE-2019-14239 | 1 Nxp | 6 Kinetis K8x, Kinetis K8x Firmware, Kinetis Kv1x and 3 more | 2019-09-25 | 4.6 MEDIUM | 6.6 MEDIUM |
| On NXP Kinetis KV1x, Kinetis KV3x, and Kinetis K8x devices, Flash Access Controls (FAC) (a software IP protection method for execute-only access) can be defeated by leveraging a load instruction inside the execute-only region to expose the protected code into a CPU register. | |||||
| CVE-2019-14238 | 1 St | 12 Stm32f4, Stm32f4 Firmware, Stm32f7 and 9 more | 2019-09-25 | 4.6 MEDIUM | 6.6 MEDIUM |
| On STMicroelectronics STM32F7 devices, Proprietary Code Read Out Protection (PCROP) (a software IP protection method) can be defeated with a debug probe via the Instruction Tightly Coupled Memory (ITCM) bus. | |||||
| CVE-2016-10983 | 1 Ghost | 1 Ghost | 2019-09-18 | 4.0 MEDIUM | 6.5 MEDIUM |
| The ghost plugin before 0.5.6 for WordPress has no access control for wp-admin/tools.php?ghostexport=true downloads of exported data. | |||||
| CVE-2019-13190 | 1 Eng | 1 Knowage | 2019-09-06 | 5.0 MEDIUM | 5.3 MEDIUM |
| In Knowage through 6.1.1, the sign up page does not invalidate a valid CAPTCHA token. This allows for CAPTCHA bypass in the signup page. | |||||
| CVE-2018-1129 | 4 Ceph, Debian, Opensuse and 1 more | 10 Ceph, Debian Linux, Leap and 7 more | 2019-08-29 | 3.3 LOW | 6.5 MEDIUM |
| A flaw was found in the way signature calculation was handled by cephx authentication protocol. An attacker having access to ceph cluster network who is able to alter the message payload was able to bypass signature checks done by cephx protocol. Ceph branches master, mimic, luminous and jewel are believed to be vulnerable. | |||||
| CVE-2018-14008 | 1 Arista | 1 Eos | 2019-08-28 | 3.3 LOW | 6.5 MEDIUM |
| Arista EOS through 4.21.0F allows a crash because 802.1x authentication is mishandled. | |||||
| CVE-2016-10836 | 1 Cpanel | 1 Cpanel | 2019-08-13 | 4.0 MEDIUM | 6.5 MEDIUM |
| cPanel before 55.9999.141 allows arbitrary file-read operations during authentication with caldav (SEC-108). | |||||
| CVE-2016-10832 | 1 Cpanel | 1 Cpanel | 2019-08-12 | 4.0 MEDIUM | 6.5 MEDIUM |
| cPanel before 55.9999.141 allows FTP cPHulk bypass via account name munging (SEC-102). | |||||
| CVE-2016-10835 | 1 Cpanel | 1 Cpanel | 2019-08-12 | 4.0 MEDIUM | 4.3 MEDIUM |
| cPanel before 55.9999.141 allows a POP/IMAP cPHulk bypass via account name munging (SEC-107). | |||||
| CVE-2018-20937 | 1 Cpanel | 1 Cpanel | 2019-08-12 | 4.0 MEDIUM | 4.3 MEDIUM |
| cPanel before 68.0.27 does not validate database and dbuser names during renames (SEC-321). | |||||
| CVE-2018-20924 | 1 Cpanel | 1 Cpanel | 2019-08-08 | 7.5 HIGH | 5.5 MEDIUM |
| cPanel before 70.0.23 allows arbitrary file-read and file-unlink operations via WHM style uploads (SEC-378). | |||||
| CVE-2018-20888 | 1 Cpanel | 1 Cpanel | 2019-08-07 | 4.9 MEDIUM | 5.5 MEDIUM |
| cPanel before 74.0.0 allows file modification in the context of the root account because of incorrect HTTP authentication (SEC-424). | |||||
| CVE-2018-18095 | 1 Intel | 4 Ssd Dc S4500, Ssd Dc S4500 Firmware, Ssd Dc S4600 and 1 more | 2019-07-26 | 4.6 MEDIUM | 6.8 MEDIUM |
| Improper authentication in firmware for Intel(R) SSD DC S4500 Series and Intel(R) SSD DC S4600 Series before SCV10150 may allow an unprivileged user to potentially enable escalation of privilege via physical access. | |||||
| CVE-2019-7218 | 1 Citrix | 1 Sharefile | 2019-07-09 | 4.3 MEDIUM | 5.9 MEDIUM |
| Citrix ShareFile before 19.23 allows a downgrade from two-factor authentication to one-factor authentication. An attacker with access to the offline victim's otp physical token or virtual app (like google authenticator) is able to bypass the first authentication phase (username/password mechanism) and log-in using username/otp combination only (phase 2 of 2FA). | |||||
| CVE-2019-10689 | 1 Polycom | 2 Better Together Over Ethernet Connector, Unified Communications Software | 2019-06-27 | 3.3 LOW | 6.5 MEDIUM |
| VVX products using UCS software version 5.9.2 and earlier with Better Together over Ethernet Connector (BToE) application version 3.9.1 and earlier provides insufficient authentication between the BToE application and the BToE component, resulting in leakage of sensitive information. | |||||
| CVE-2019-10998 | 1 Phoenixcontact | 4 Axc F 2152, Axc F 2152 Firmware, Axc F 2152 Starterkit and 1 more | 2019-06-20 | 4.6 MEDIUM | 6.8 MEDIUM |
| An issue was discovered on Phoenix Contact AXC F 2152 (No.2404267) before 2019.0 LTS and AXC F 2152 STARTERKIT (No.1046568) before 2019.0 LTS devices. Unlimited physical access to the PLC may lead to a manipulation of SD cards data. SD card manipulation may lead to an authentication bypass opportunity. | |||||
| CVE-2019-5298 | 1 Huawei | 2 Ap4050dn-e, Ap4050dn-e Firmware | 2019-06-05 | 4.6 MEDIUM | 6.8 MEDIUM |
| There is an improper authentication vulnerability in some Huawei AP products before version V200R009C00SPC800. Due to the improper implementation of authentication for the serial port, an attacker could exploit this vulnerability by connecting to the affected products and running a series of commands. | |||||
| CVE-2018-1999045 | 1 Jenkins | 1 Jenkins | 2019-05-08 | 5.5 MEDIUM | 5.4 MEDIUM |
| A improper authentication vulnerability exists in Jenkins 2.137 and earlier, 2.121.2 and earlier in SecurityRealm.java, TokenBasedRememberMeServices2.java that allows attackers with a valid cookie to remain logged in even if that feature is disabled. | |||||
| CVE-2018-12192 | 1 Intel | 2 Converged Security Management Engine Firmware, Server Platform Services Firmware | 2019-04-04 | 7.2 HIGH | 6.8 MEDIUM |
| Logic bug in Kernel subsystem in Intel CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20, or Intel(R) Server Platform Services before version SPS_E5_04.00.04.393.0 may allow an unauthenticated user to potentially bypass MEBx authentication via physical access. | |||||
| CVE-2018-12399 | 2 Canonical, Mozilla | 2 Ubuntu Linux, Firefox | 2019-03-01 | 4.3 MEDIUM | 4.3 MEDIUM |
| When a new protocol handler is registered, the API accepts a title argument which can be used to mislead users about which domain is registering the new protocol. This may result in the user approving a protocol handler that they otherwise would not have. This vulnerability affects Firefox < 63. | |||||
| CVE-2018-19505 | 1 Bmc | 1 Remedy Action Request System Server | 2019-02-15 | 4.0 MEDIUM | 6.5 MEDIUM |
| Remedy AR System Server in BMC Remedy 7.1 may fail to set the correct user context in certain impersonation scenarios, which can allow a user to act with the identity of a different user, because userdata.js in the WOI:WorkOrderConsole component allows a username substitution involving a UserData_Init call. | |||||
| CVE-2018-9080 | 1 Lenovo | 40 Ez Media \& Backup Center, Ez Media \& Backup Center Firmware, Ix2 and 37 more | 2019-01-08 | 4.3 MEDIUM | 5.9 MEDIUM |
| For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 and earlier, by setting the Iomega cookie to a known value before logging into the NAS's web application, the NAS will not provide the user a new cookie value. This allows an attacker who knows the cookie's value to compromise the user's session. | |||||
| CVE-2018-7108 | 1 Hpe | 1 Storageworks Xp7 Automation Director | 2019-01-07 | 4.3 MEDIUM | 5.9 MEDIUM |
| HPE StorageWorks XP7 Automation Director (AutoDir) version 8.5.2-02 to earlier than 8.6.1-00 has a local and remote authentication bypass vulnerability that exposed the user authentication information of the storage system. This problem sometimes occurred under specific conditions when running a service template. | |||||
| CVE-2018-16737 | 1 Tinc-vpn | 1 Tinc | 2019-01-03 | 5.0 MEDIUM | 5.3 MEDIUM |
| tinc before 1.0.30 has a broken authentication protocol, without even a partial mitigation. | |||||
| CVE-2018-3696 | 1 Intel | 1 Raid Web Console 3 | 2018-12-31 | 2.1 LOW | 5.5 MEDIUM |
| Authentication bypass in the Intel RAID Web Console 3 for Windows before 4.186 may allow an unprivileged user to potentially gain administrative privileges via local access. | |||||
| CVE-2018-7910 | 1 Huawei | 10 Alp-al00b, Alp-al00b Firmware, Alp-tl00b and 7 more | 2018-12-12 | 4.6 MEDIUM | 6.8 MEDIUM |
| Some Huawei smartphones ALP-AL00B 8.0.0.118D(C00), ALP-TL00B 8.0.0.118D(C01), BLA-AL00B 8.0.0.118D(C00), BLA-L09C 8.0.0.127(C432), 8.0.0.128(C432), 8.0.0.137(C432), BLA-L29C 8.0.0.129(C432), 8.0.0.137(C432) have an authentication bypass vulnerability. When the attacker obtains the user's smartphone, the vulnerability can be used to replace the start-up program so that the attacker can obtain the information in the smartphone and achieve the purpose of controlling the smartphone. | |||||