Search
Total
2785 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-33700 | 1 Sap | 1 Business One | 2021-09-28 | 4.6 MEDIUM | 7.8 HIGH |
| SAP Business One, version - 10.0, allows a local attacker with access to the victim's browser under certain circumstances, to login as the victim without knowing his/her password. The attacker could so obtain highly sensitive information which the attacker could use to take substantial control of the vulnerable application. | |||||
| CVE-2021-3145 | 1 Ionic | 1 Identity Vault | 2021-09-24 | 7.2 HIGH | 6.7 MEDIUM |
| In Ionic Identity Vault before 5, a local root attacker on an Android device can bypass biometric authentication. | |||||
| CVE-2021-25466 | 1 Samsung | 1 Internet | 2021-09-23 | 5.0 MEDIUM | 5.9 MEDIUM |
| Improper scheme check vulnerability in Samsung Internet prior to version 15.0.2.47 allows attackers to perform Man-in-the-middle attack and obtain Samsung Account token. | |||||
| CVE-2021-25451 | 1 Google | 1 Android | 2021-09-23 | 4.3 MEDIUM | 3.3 LOW |
| A PendingIntent hijacking in NetworkPolicyManagerService prior to SMR Sep-2021 Release 1 allows attackers to get IMSI data. | |||||
| CVE-2021-28495 | 1 Arista | 2 7130, Metamako Operating System | 2021-09-22 | 6.8 MEDIUM | 9.8 CRITICAL |
| In Arista's MOS (Metamako Operating System) software which is supported on the 7130 product line, under certain conditions, user authentication can be bypassed when API access is enabled via the JSON-RPC APIs. This issue affects: Arista Metamako Operating System All releases in the MOS-0.1x train MOS-0.13 and post releases in the MOS-0.1x train MOS-0.26.6 and below releases in the MOS-0.2x train MOS-0.31.1 and below releases in the MOS-0.3x train | |||||
| CVE-2021-39296 | 1 Openbmc-project | 1 Openbmc | 2021-09-22 | 10.0 HIGH | 10.0 CRITICAL |
| In OpenBMC 2.9, crafted IPMI messages allow an attacker to bypass authentication and gain full control of the system. | |||||
| CVE-2021-28494 | 1 Arista | 2 7130, Metamako Operating System | 2021-09-22 | 6.5 MEDIUM | 8.8 HIGH |
| In Arista's MOS (Metamako Operating System) software which is supported on the 7130 product line, under certain conditions, authentication is bypassed by unprivileged users who are accessing the Web UI. This issue affects: Arista Metamako Operating System MOS-0.34.0 and prior releases | |||||
| CVE-2021-30720 | 1 Apple | 6 Ipad Os, Iphone Os, Macos and 3 more | 2021-09-22 | 5.8 MEDIUM | 5.4 MEDIUM |
| A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious website may be able to access restricted ports on arbitrary servers. | |||||
| CVE-2021-28493 | 1 Arista | 2 7130, Metamako Operating System | 2021-09-22 | 4.6 MEDIUM | 7.8 HIGH |
| In Arista's MOS (Metamako Operating System) software which is supported on the 7130 product line, under certain conditions, a user may be able to execute commands despite not having the privileges to do so. This issue affects: Arista Metamako Operating System All releases in the MOS-0.1x train MOS-0.32.0 and prior releases | |||||
| CVE-2021-26118 | 2 Apache, Netapp | 2 Activemq Artemis, Oncommand Workflow Automation | 2021-09-21 | 5.0 MEDIUM | 7.5 HIGH |
| While investigating ARTEMIS-2964 it was found that the creation of advisory messages in the OpenWire protocol head of Apache ActiveMQ Artemis 2.15.0 bypassed policy based access control for the entire session. Production of advisory messages was not subject to access control in error. | |||||
| CVE-2021-34786 | 1 Cisco | 1 Broadworks Commpilot Application Software | 2021-09-17 | 4.0 MEDIUM | 4.9 MEDIUM |
| Multiple vulnerabilities in Cisco BroadWorks CommPilot Application Software could allow an authenticated, remote attacker to delete arbitrary user accounts or gain elevated privileges on an affected system. | |||||
| CVE-2021-34785 | 1 Cisco | 1 Broadworks Commpilot Application Software | 2021-09-17 | 6.5 MEDIUM | 7.2 HIGH |
| Multiple vulnerabilities in Cisco BroadWorks CommPilot Application Software could allow an authenticated, remote attacker to delete arbitrary user accounts or gain elevated privileges on an affected system. | |||||
| CVE-2021-1863 | 1 Apple | 2 Ipados, Iphone Os | 2021-09-16 | 2.1 LOW | 2.4 LOW |
| An issue existed with authenticating the action triggered by an NFC tag. The issue was addressed with improved action authentication. This issue is fixed in iOS 14.5 and iPadOS 14.5. A person with physical access to an iOS device may be able to place phone calls to any phone number. | |||||
| CVE-2021-30668 | 1 Apple | 1 Macos | 2021-09-16 | 2.1 LOW | 4.6 MEDIUM |
| This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.4. A person with physical access to a Mac may be able to bypass Login Window during a software update. | |||||
| CVE-2021-30667 | 1 Apple | 2 Ipados, Iphone Os | 2021-09-16 | 4.8 MEDIUM | 5.4 MEDIUM |
| A logic issue was addressed with improved validation. This issue is fixed in iOS 14.6 and iPadOS 14.6. An attacker in WiFi range may be able to force a client to use a less secure authentication mechanism. | |||||
| CVE-2021-1862 | 1 Apple | 2 Ipados, Iphone Os | 2021-09-16 | 2.1 LOW | 2.4 LOW |
| Description: A person with physical access may be able to access contacts. This issue is fixed in iOS 14.5 and iPadOS 14.5. Impact: An issue with Siri search access to information was addressed with improved logic. | |||||
| CVE-2021-30702 | 1 Apple | 2 Mac Os X, Macos | 2021-09-16 | 2.1 LOW | 4.6 MEDIUM |
| A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave. A person with physical access to a Mac may be able to bypass Login Window. | |||||
| CVE-2021-30769 | 1 Apple | 3 Iphone Os, Tvos, Watchos | 2021-09-15 | 4.3 MEDIUM | 5.5 MEDIUM |
| A logic issue was addressed with improved state management. This issue is fixed in iOS 14.7, tvOS 14.7, watchOS 7.6. A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. | |||||
| CVE-2021-30770 | 1 Apple | 3 Iphone Os, Tvos, Watchos | 2021-09-15 | 4.9 MEDIUM | 5.5 MEDIUM |
| A logic issue was addressed with improved validation. This issue is fixed in iOS 14.7, tvOS 14.7, watchOS 7.6. An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations. | |||||
| CVE-2021-30605 | 2 Google, Microsoft | 4 Chrome Os Readiness Tool, Windows 10, Windows 7 and 1 more | 2021-09-15 | 4.6 MEDIUM | 7.8 HIGH |
| Inappropriate implementation in the ChromeOS Readiness Tool installer on Windows prior to 1.0.2.0 loosens DCOM access rights on two objects allowing an attacker to potentially bypass discretionary access controls. | |||||
| CVE-2020-11264 | 1 Qualcomm | 252 Apq8053, Apq8053 Firmware, Apq8064au and 249 more | 2021-09-14 | 10.0 HIGH | 9.8 CRITICAL |
| Improper authentication of Non-EAPOL/WAPI plaintext frames during four-way handshake can lead to arbitrary network packet injection in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music | |||||
| CVE-2020-11301 | 1 Qualcomm | 534 Apq8009, Apq8009 Firmware, Apq8017 and 531 more | 2021-09-14 | 5.0 MEDIUM | 7.5 HIGH |
| Improper authentication of un-encrypted plaintext Wi-Fi frames in an encrypted network can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2021-39196 | 1 Pcapture Project | 1 Pcapture | 2021-09-14 | 6.8 MEDIUM | 6.5 MEDIUM |
| pcapture is an open source dumpcap web service interface . In affected versions this vulnerability allows an authenticated but unprivileged user to use the REST API to capture and download packets with no capture filter and without adequate permissions. This is important because the capture filters can effectively limit the scope of information that a user can see in the data captures. If no filter is present, then all data on the local network segment where the program is running can be captured and downloaded. v3.12 fixes this problem. There is no workaround, you must upgrade to v3.12 or greater. | |||||
| CVE-2021-21513 | 1 Dell | 1 Openmanage Server Administrator | 2021-09-14 | 7.5 HIGH | 9.8 CRITICAL |
| Dell EMC OpenManage Server Administrator (OMSA) version 9.5 Microsoft Windows installations with Distributed Web Server (DWS) enabled configuration contains an authentication bypass vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to gain admin access on the affected system. | |||||
| CVE-2017-3854 | 1 Cisco | 12 2500 Wireless Lan Controller, 2504 Wireless Lan Controller, 5500 Wireless Lan Controller and 9 more | 2021-09-14 | 8.3 HIGH | 8.8 HIGH |
| A vulnerability in the mesh code of Cisco Wireless LAN Controller (WLC) software could allow an unauthenticated, remote attacker to impersonate a WLC in a meshed topology. The vulnerability is due to insufficient authentication of the parent access point in a mesh configuration. An attacker could exploit this vulnerability by forcing the target system to disconnect from the correct parent access point and reconnect to a rogue access point owned by the attacker. An exploit could allow the attacker to control the traffic flowing through the impacted access point or take full control of the target system. This vulnerability affects the following products running a vulnerable version of Wireless LAN Controller software and configured for meshed mode: Cisco 8500 Series Wireless Controller, Cisco 5500 Series Wireless Controller, Cisco 2500 Series Wireless Controller, Cisco Flex 7500 Series Wireless Controller, Cisco Virtual Wireless Controller, Wireless Services Module 2 (WiSM2). Note that additional configuration is needed in addition to upgrading to a fixed release. Cisco Bug IDs: CSCuc98992 CSCuu14804. | |||||
| CVE-2019-1724 | 1 Cisco | 4 Rv320 Dual Gigabit Wan Vpn Router, Rv320 Dual Gigabit Wan Vpn Router Software, Rv325 Dual Wan Gigabit Vpn Router and 1 more | 2021-09-13 | 6.8 MEDIUM | 8.8 HIGH |
| A vulnerability in the session management functionality of the web-based interface for Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to hijack a valid user session on an affected system. An attacker could use this impersonated session to create a new user account or otherwise control the device with the privileges of the hijacked session. The vulnerability is due to a lack of proper session management controls. An attacker could exploit this vulnerability by sending a crafted HTTP request to a targeted device. A successful exploit could allow the attacker to take control of an existing user session on the device. Exploitation of the vulnerability requires that an authorized user session is active and that the attacker can craft an HTTP request to impersonate that session. | |||||
| CVE-2016-4503 | 1 Moxa | 2 Device Server Web Console 5232-n, Device Server Web Console 5232-n Firmware | 2021-09-13 | 5.0 MEDIUM | 9.8 CRITICAL |
| Moxa Device Server Web Console 5232-N allows remote attackers to bypass authentication, and consequently modify settings and data, via vectors related to reading a cookie parameter containing a UserId value. | |||||
| CVE-2019-6143 | 1 Forcepoint | 1 Next Generation Firewall | 2021-09-10 | 6.4 MEDIUM | 9.1 CRITICAL |
| Forcepoint Next Generation Firewall (Forcepoint NGFW) 6.4.x before 6.4.7, 6.5.x before 6.5.4, and 6.6.x before 6.6.2 has a serious authentication vulnerability that potentially allows unauthorized users to bypass password authentication and access services protected by the NGFW Engine. The vulnerability affects the following NGFW features when the LDAP authentication method is used as the backend authentication: IPsec VPN, SSL VPN or Browser-based user authentication. The vulnerability does not apply when any other backend authentication is used. The RADIUS authentication method is not vulnerable, for example. | |||||
| CVE-2021-34746 | 1 Cisco | 1 Enterprise Nfv Infrastructure Software | 2021-09-10 | 9.3 HIGH | 9.8 CRITICAL |
| A vulnerability in the TACACS+ authentication, authorization and accounting (AAA) feature of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an unauthenticated, remote attacker to bypass authentication and log in to an affected device as an administrator. This vulnerability is due to incomplete validation of user-supplied input that is passed to an authentication script. An attacker could exploit this vulnerability by injecting parameters into an authentication request. A successful exploit could allow the attacker to bypass authentication and log in as an administrator to the affected device. | |||||
| CVE-2021-39177 | 1 Geysermc | 1 Geyser | 2021-09-10 | 7.5 HIGH | 9.8 CRITICAL |
| Geyser is a bridge between Minecraft: Bedrock Edition and Minecraft: Java Edition. Versions of Geyser prior to 1.4.2-SNAPSHOT allow anyone that can connect to the server to forge a LoginPacket with manipulated JWT token allowing impersonation as any user. Version 1.4.2-SNAPSHOT contains a patch for the issue. There are no known workarounds aside from upgrading. | |||||
| CVE-2021-40350 | 1 Christiedigital | 2 Dwu850-gs, Dwu850-gs Firmware | 2021-09-09 | 7.5 HIGH | 9.8 CRITICAL |
| webctrl.cgi.elf on Christie Digital DWU850-GS V06.46 devices allows attackers to perform any desired action via a crafted query containing an unspecified Cookie header. Authentication bypass can be achieved by including an administrative cookie that the device does not validate. | |||||
| CVE-2018-7745 | 1 Cobub | 1 Razor | 2021-09-09 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Western Bridge Cobub Razor 0.7.2. Authentication is not required for /index.php?/install/installation/createuserinfo requests, resulting in account creation. | |||||
| CVE-2021-22002 | 2 Linux, Vmware | 5 Linux Kernel, Cloud Foundation, Identity Manager and 2 more | 2021-09-09 | 7.5 HIGH | 9.8 CRITICAL |
| VMware Workspace ONE Access and Identity Manager, allow the /cfg web app and diagnostic endpoints, on port 8443, to be accessed via port 443 using a custom host header. A malicious actor with network access to port 443 could tamper with host headers to facilitate access to the /cfg web app, in addition a malicious actor could access /cfg diagnostic endpoints without authentication. | |||||
| CVE-2017-10873 | 1 Osstech | 1 Openam | 2021-09-09 | 6.8 MEDIUM | 8.1 HIGH |
| OpenAM (Open Source Edition) allows an attacker to bypass authentication and access unauthorized contents via unspecified vectors. Note that this vulnerability affects OpenAM (Open Source Edition) implementations configured as SAML 2.0IdP, and switches authentication methods based on AuthnContext requests sent from the service provider. | |||||
| CVE-2021-22943 | 1 Ui | 1 Unifi Protect | 2021-09-09 | 8.3 HIGH | 9.6 CRITICAL |
| A vulnerability found in UniFi Protect application V1.18.1 and earlier permits a malicious actor who has already gained access to a network to subsequently control the Protect camera(s) assigned to said network. This vulnerability is fixed in UniFi Protect application V1.19.0 and later. | |||||
| CVE-2021-34578 | 1 Wago | 24 750-362, 750-362 Firmware, 750-363 and 21 more | 2021-09-08 | 6.8 MEDIUM | 8.1 HIGH |
| This vulnerability allows an attacker who has access to the WBM to read and write settings-parameters of the device by sending specifically constructed requests without authentication on multiple WAGO PLCs in firmware versions up to FW07. | |||||
| CVE-2021-36370 | 1 Midnight-commander | 1 Midnight Commander | 2021-09-08 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Midnight Commander through 4.8.26. When establishing an SFTP connection, the fingerprint of the server is neither checked nor displayed. As a result, a user connects to the server without the ability to verify its authenticity. | |||||
| CVE-2021-39138 | 1 Parseplatform | 1 Parse-server | 2021-09-01 | 6.4 MEDIUM | 6.5 MEDIUM |
| Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Developers can use the REST API to signup users and also allow users to login anonymously. Prior to version 4.5.1, when an anonymous user is first signed up using REST, the server creates session incorrectly. Particularly, the `authProvider` field in `_Session` class under `createdWith` shows the user logged in creating a password. If a developer later depends on the `createdWith` field to provide a different level of access between a password user and anonymous user, the server incorrectly classified the session type as being created with a `password`. The server does not currently use `createdWith` to make decisions about internal functions, so if a developer is not using `createdWith` directly, they are not affected. The vulnerability only affects users who depend on `createdWith` by using it directly. The issue is patched in Parse Server version 4.5.1. As a workaround, do not use the `createdWith` Session field to make decisions if one allows anonymous login. | |||||
| CVE-2021-39165 | 1 Chachethq | 1 Cachet | 2021-09-01 | 5.0 MEDIUM | 6.5 MEDIUM |
| Cachet is an open source status page. With Cachet prior to and including 2.3.18, there is a SQL injection which is in the `SearchableTrait#scopeSearch()`. Attackers without authentication can utilize this vulnerability to exfiltrate sensitive data from the database such as administrator's password and session. The original repository of Cachet <https://github.com/CachetHQ/Cachet> is not active, the stable version 2.3.18 and it's developing 2.4 branch is affected. | |||||
| CVE-2021-29487 | 1 Octobercms | 1 October | 2021-09-01 | 5.8 MEDIUM | 7.4 HIGH |
| octobercms in a CMS platform based on the Laravel PHP Framework. In affected versions of the october/system package an attacker can exploit this vulnerability to bypass authentication and takeover of and user account on an October CMS server. The vulnerability is exploitable by unauthenticated users via a specially crafted request. This only affects frontend users and the attacker must obtain a Laravel secret key for cookie encryption and signing in order to exploit this vulnerability. The issue has been patched in Build 472 and v1.1.5. | |||||
| CVE-2021-20598 | 1 Mitsubishielectric | 16 R08psfcpu, R08psfcpu Firmware, R08sfcpu and 13 more | 2021-08-27 | 5.0 MEDIUM | 5.3 MEDIUM |
| Overly Restrictive Account Lockout Mechanism vulnerability in Mitsubishi Electric MELSEC iQ-R series CPU modules (R08/16/32/120SFCPU all versions, R08/16/32/120PSFCPU all versions) allows a remote unauthenticated attacker to lockout a legitimate user by continuously trying login with incorrect password. | |||||
| CVE-2021-3458 | 1 Motorola | 2 Mm1000, Mm1000 Firmware | 2021-08-25 | 2.1 LOW | 4.6 MEDIUM |
| The Motorola MM1000 device configuration portal can be accessed without authentication, which could allow adapter settings to be modified. | |||||
| CVE-2021-25956 | 1 Dolibarr | 1 Dolibarr | 2021-08-24 | 6.5 MEDIUM | 7.2 HIGH |
| In “Dolibarr” application, v3.3.beta1_20121221 to v13.0.2 have “Modify” access for admin level users to change other user’s details but fails to validate already existing “Login” name, while renaming the user “Login”. This leads to complete account takeover of the victim user. This happens since the password gets overwritten for the victim user having a similar login name. | |||||
| CVE-2021-37597 | 1 Wpcerber | 1 Wp Cerber | 2021-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| WP Cerber before 8.9.3 allows MFA bypass via wordpress_logged_in_[hash] manipulation. | |||||
| CVE-2021-36921 | 1 Monitorapp | 2 Application Insight Manager, Application Insight Web Application Firewall | 2021-08-24 | 6.5 MEDIUM | 8.8 HIGH |
| AIMANAGER before B115 on MONITORAPP Application Insight Web Application Firewall (AIWAF) devices with Manager 2.1.0 has Improper Authentication. An attacker can gain administrative access by modifying the response to an authentication check request. | |||||
| CVE-2021-20759 | 1 Cybozu | 1 Garoon | 2021-08-24 | 4.0 MEDIUM | 4.3 MEDIUM |
| Operational restrictions bypass vulnerability in Bulletin of Cybozu Garoon 4.6.0 to 5.0.2 allows a remote authenticated attacker to alter the data of Portal without the appropriate privilege. | |||||
| CVE-2021-20757 | 1 Cybozu | 1 Garoon | 2021-08-24 | 4.0 MEDIUM | 4.3 MEDIUM |
| Operational restrictions bypass vulnerability in E-mail of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to alter the data of Portal without the appropriate privilege. | |||||
| CVE-2021-24527 | 1 Cozmoslabs | 1 Profile Builder | 2021-08-23 | 10.0 HIGH | 9.8 CRITICAL |
| The User Registration & User Profile – Profile Builder WordPress plugin before 3.4.9 has a bug allowing any user to reset the password of the admin of the blog, and gain unauthorised access, due to a bypass in the way the reset key is checked. Furthermore, the admin will not be notified of such change by email for example. | |||||
| CVE-2021-27794 | 1 Broadcom | 1 Fabric Operating System | 2021-08-23 | 4.6 MEDIUM | 7.8 HIGH |
| A vulnerability in the authentication mechanism of Brocade Fabric OS versions before Brocade Fabric OS v.9.0.1a, v8.2.3a and v7.4.2h could allow a user to Login with empty password, and invalid password through telnet, ssh and REST. | |||||
| CVE-2021-3046 | 1 Paloaltonetworks | 1 Pan-os | 2021-08-19 | 4.3 MEDIUM | 6.5 MEDIUM |
| An improper authentication vulnerability exists in Palo Alto Networks PAN-OS software that enables a SAML authenticated attacker to impersonate any other user in the GlobalProtect Portal and GlobalProtect Gateway when they are configured to use SAML authentication. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.19; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14; PAN-OS 9.1 versions earlier than PAN-OS 9.1.9; PAN-OS 10.0 versions earlier than PAN-OS 10.0.5. PAN-OS 10.1 versions are not impacted. | |||||