Search
Total
2785 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-6013 | 1 Wordpress | 1 Wordpress | 2018-10-15 | 6.8 MEDIUM | N/A |
| Wordpress 1.5 through 2.3.1 uses cookie values based on the MD5 hash of a password MD5 hash, which allows attackers to bypass authentication by obtaining the MD5 hash from the user database, then generating the authentication cookie from that hash. | |||||
| CVE-2007-5913 | 1 Jean Charles | 1 Jbc Explorer | 2018-10-15 | 6.8 MEDIUM | N/A |
| dirsys/modules/auth.php in JBC Explorer 7.20 RC1 and earlier does not require authentication, which allows remote attackers to (1) delete auth.inc.php via the suppr parameter, and (2) re-create the auth.inc.php file with contents that specify a new account name and password for JBC Explorer via the login and password parameters. | |||||
| CVE-2007-5752 | 1 Agtc Websolutions | 1 Php-agtc Membership System | 2018-10-15 | 7.5 HIGH | N/A |
| adduser.php in PHP-AGTC Membership (AGTC-Membership) System 1.1a does not require authentication, which allows remote attackers to create accounts via a modified form, as demonstrated by an account with admin (userlevel 4) privileges. | |||||
| CVE-2007-5383 | 2 Alcatel, Bt | 2 Speedtouch 7g Router, Home Hub | 2018-10-15 | 10.0 HIGH | N/A |
| The Thomson/Alcatel SpeedTouch 7G router, as used for the BT Home Hub 6.2.6.B and earlier, allows remote attackers on an intranet to bypass authentication and gain administrative access via vectors including a '/' (slash) character at the end of the PATH_INFO to cgi/b, aka "double-slash auth bypass." NOTE: remote attackers outside the intranet can exploit this by leveraging a separate CSRF vulnerability. NOTE: SpeedTouch 780 might also be affected by some of these issues. | |||||
| CVE-2007-5162 | 1 Ruby-lang | 1 Ruby | 2018-10-15 | 4.3 MEDIUM | N/A |
| The connect method in lib/net/http.rb in the (1) Net::HTTP and (2) Net::HTTPS libraries in Ruby 1.8.5 and 1.8.6 does not verify that the commonName (CN) field in a server certificate matches the domain name in an HTTPS request, which makes it easier for remote attackers to intercept SSL transmissions via a man-in-the-middle attack or spoofed web site. | |||||
| CVE-2007-5057 | 1 Netsupport | 1 Netsupport Manager Client | 2018-10-15 | 10.0 HIGH | N/A |
| NetSupport Manager Client before 10.20.0004 allows remote attackers to bypass the (1) basic and (2) authentication schemes by spoofing the NetSupport Manager. | |||||
| CVE-2007-5113 | 1 Roi Revolution | 1 Urchin | 2018-10-15 | 5.0 MEDIUM | N/A |
| report.cgi in Google Urchin allows remote attackers to bypass authentication and obtain sensitive information (web server logs) via certain modified query parameters, as demonstrated using the profile, rid, prefs, n, vid, bd, ed, dt, and gtype parameters, a different vulnerability than CVE-2007-5112. | |||||
| CVE-2007-4419 | 1 Olate | 1 Olatedownload | 2018-10-15 | 9.3 HIGH | N/A |
| Admin.php in Olate Download (od) 3.4.1 uses an MD5 hash of the admin username, user id, and group id, to compose the OD3_AutoLogin authentication cookie, which makes it easier for remote attackers to guess the cookie and access the Admin area. | |||||
| CVE-2007-4203 | 1 Mambo | 1 Mambo Open Source | 2018-10-15 | 9.3 HIGH | N/A |
| Session fixation vulnerability in Mambo 4.6.2 CMS allows remote attackers to hijack web sessions by setting the Cookie parameter. | |||||
| CVE-2007-3988 | 1 Virtual Hosting Control System | 1 Virtual Hosting Control System | 2018-10-15 | 6.8 MEDIUM | N/A |
| Session fixation vulnerability in Virtual Hosting Control System (VHCS) 2.4.7.1 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter. | |||||
| CVE-2007-3597 | 1 Zen Cart | 1 Zen Cart | 2018-10-15 | 8.5 HIGH | N/A |
| Session fixation vulnerability in Zen Cart 1.3.7 and earlier allows remote attackers to hijack web sessions by setting the Cookie parameter. | |||||
| CVE-2017-16348 | 1 Insteon | 2 Insteon Hub, Insteon Hub Firmware | 2018-10-15 | 7.8 HIGH | 7.5 HIGH |
| An exploitable denial of service vulnerability exists in Insteon Hub running firmware version 1012. Leftover demo functionality allows for arbitrarily rebooting the device without authentication. An attacker can send a UDP packet to trigger this vulnerability. | |||||
| CVE-2016-8380 | 1 Phoenixcontact | 2 Ilc Plcs, Ilc Plcs Firmware | 2018-10-14 | 7.5 HIGH | 7.3 HIGH |
| The web server in Phoenix Contact ILC PLCs allows access to read and write PLC variables without authentication. | |||||
| CVE-2016-8371 | 1 Phoenixcontact | 2 Ilc Plcs, Ilc Plcs Firmware | 2018-10-14 | 7.5 HIGH | 7.3 HIGH |
| The web server in Phoenix Contact ILC PLCs can be accessed without authenticating even if the authentication mechanism is enabled. | |||||
| CVE-2013-1337 | 1 Microsoft | 1 .net Framework | 2018-10-12 | 7.5 HIGH | N/A |
| Microsoft .NET Framework 4.5 does not properly create policy requirements for custom Windows Communication Foundation (WCF) endpoint authentication in certain situations involving passwords over HTTPS, which allows remote attackers to bypass authentication by sending queries to an endpoint, aka "Authentication Bypass Vulnerability." | |||||
| CVE-2011-0039 | 1 Microsoft | 2 Windows 2003 Server, Windows Xp | 2018-10-12 | 7.2 HIGH | N/A |
| The Local Security Authority Subsystem Service (LSASS) in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly process authentication requests, which allows local users to gain privileges via a request with a crafted length, aka "LSASS Length Validation Vulnerability." | |||||
| CVE-2008-3466 | 1 Microsoft | 3 Host Integration Server 2000, Host Integration Server 2004, Host Integration Server 2006 | 2018-10-12 | 10.0 HIGH | N/A |
| Microsoft Host Integration Server (HIS) 2000, 2004, and 2006 does not limit RPC access to administrative functions, which allows remote attackers to bypass authentication and execute arbitrary programs via a crafted SNA RPC message using opcode 1 or 6 to call the CreateProcess function, aka "HIS Command Execution Vulnerability." | |||||
| CVE-2008-4032 | 1 Microsoft | 2 Office Sharepoint Server, Search Server | 2018-10-12 | 7.5 HIGH | N/A |
| Microsoft Office SharePoint Server 2007 Gold and SP1 and Microsoft Search Server 2008 do not properly perform authentication and authorization for administrative functions, which allows remote attackers to cause a denial of service (server load), obtain sensitive information, and "create scripts that would run in the context of the site" via requests to administrative URIs, aka "Access Control Vulnerability." | |||||
| CVE-1999-0680 | 1 Microsoft | 1 Terminal Server | 2018-10-12 | 5.0 MEDIUM | N/A |
| Windows NT Terminal Server performs extra work when a client opens a new connection but before it is authenticated, allowing for a denial of service. | |||||
| CVE-1999-0366 | 1 Microsoft | 1 Windows Nt | 2018-10-12 | 7.5 HIGH | N/A |
| In some cases, Service Pack 4 for Windows NT 4.0 can allow access to network shares using a blank password, through a problem with a null NT hash value. | |||||
| CVE-2009-0360 | 1 Eyrie | 1 Pam-krb5 | 2018-10-11 | 6.2 MEDIUM | N/A |
| Russ Allbery pam-krb5 before 3.13, when linked against MIT Kerberos, does not properly initialize the Kerberos libraries for setuid use, which allows local users to gain privileges by pointing an environment variable to a modified Kerberos configuration file, and then launching a PAM-based setuid application. | |||||
| CVE-2009-0280 | 1 Asp-project | 1 Asp-project | 2018-10-11 | 7.5 HIGH | N/A |
| Asp Project Management 1.0 allows remote attackers to bypass authentication and gain administrative access by setting the crypt cookie to 1. | |||||
| CVE-2009-0412 | 1 Interspire | 1 Shopping Cart | 2018-10-11 | 7.5 HIGH | N/A |
| The ProcessLogin function in class.auth.php in Interspire Shopping Cart (ISC) 4.0.1 Ultimate edition allows remote attackers to bypass authentication and obtain administrative access by reusing the RememberToken cookie after a failed admin login attempt. | |||||
| CVE-2009-0048 | 1 Openevidence | 1 Openevidence | 2018-10-11 | 5.0 MEDIUM | N/A |
| OpenEvidence 1.0.6 and earlier does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys, a similar vulnerability to CVE-2008-5077. | |||||
| CVE-2009-0051 | 1 Zxid | 1 Zxid | 2018-10-11 | 5.0 MEDIUM | N/A |
| ZXID 0.29 and earlier does not properly check the return value from the OpenSSL DSA_verify function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077. | |||||
| CVE-2009-0047 | 1 Gale | 1 Gale | 2018-10-11 | 5.0 MEDIUM | N/A |
| Gale 0.99 and earlier does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys, a similar vulnerability to CVE-2008-5077. | |||||
| CVE-2009-0049 | 1 Eid | 1 Eidlib | 2018-10-11 | 5.0 MEDIUM | N/A |
| Belgian eID middleware (eidlib) 2.6.0 and earlier does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys, a similar vulnerability to CVE-2008-5077. | |||||
| CVE-2009-0046 | 1 Sun | 1 Grid Engine | 2018-10-11 | 5.0 MEDIUM | N/A |
| Sun GridEngine 5.3 and earlier does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys, a similar vulnerability to CVE-2008-5077. | |||||
| CVE-2008-7109 | 1 Kyoceramita | 1 Scanner File Utility | 2018-10-11 | 10.0 HIGH | N/A |
| The Scanner File Utility (aka listener) in Kyocera Mita (KM) 3.3.0.1 allows remote attackers to bypass authorization and upload arbitrary files to the client system via a modified program that does not prompt the user for a password. | |||||
| CVE-2009-0025 | 1 Isc | 1 Bind | 2018-10-11 | 6.8 MEDIUM | N/A |
| BIND 9.6.0, 9.5.1, 9.5.0, 9.4.3, and earlier does not properly check the return value from the OpenSSL DSA_verify function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077. | |||||
| CVE-2009-0021 | 1 Ntp | 1 Ntp | 2018-10-11 | 5.0 MEDIUM | N/A |
| NTP 4.2.4 before 4.2.4p5 and 4.2.5 before 4.2.5p150 does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys, a similar vulnerability to CVE-2008-5077. | |||||
| CVE-2008-6816 | 1 Eaton | 1 Network Shutdown Module | 2018-10-11 | 10.0 HIGH | N/A |
| Eaton MGEOPS Network Shutdown Module before 3.10 Build 13 allows remote attackers to execute arbitrary code by adding a custom action to the MGE frontend via pane_actionbutton.php, and then executing this action via exec_action.php. | |||||
| CVE-2008-6947 | 1 Collabtive | 1 Collabtive | 2018-10-11 | 7.5 HIGH | N/A |
| Collabtive 0.4.8 allows remote attackers to bypass authentication and create new users, including administrators, via unspecified vectors associated with the added mode in a users action to admin.php. | |||||
| CVE-2008-5692 | 1 Ipswitch | 1 Ws Ftp | 2018-10-11 | 5.0 MEDIUM | N/A |
| Ipswitch WS_FTP Server Manager before 6.1.1, and possibly other Ipswitch products, allows remote attackers to bypass authentication and read logs via a logLogout action to FTPLogServer/login.asp followed by a request to FTPLogServer/LogViewer.asp with the localhostnull account name. | |||||
| CVE-2008-5575 | 1 Proclanmanager | 1 Pro Clan Manager | 2018-10-11 | 7.5 HIGH | N/A |
| Session fixation vulnerability in Pro Clan Manager 0.4.2 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter. | |||||
| CVE-2008-5558 | 1 Asterisk | 2 Asterisk Business Edition, Open Source | 2018-10-11 | 4.3 MEDIUM | N/A |
| Asterisk Open Source 1.2.26 through 1.2.30.3 and Business Edition B.2.3.5 through B.2.5.5, when realtime IAX2 users are enabled, allows remote attackers to cause a denial of service (crash) via authentication attempts involving (1) an unknown user or (2) a user using hostname matching. | |||||
| CVE-2008-6039 | 1 Bluepage | 1 Bluepage Cms | 2018-10-11 | 6.8 MEDIUM | N/A |
| Session fixation vulnerability in BLUEPAGE CMS 2.5 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter. | |||||
| CVE-2008-5964 | 1 Impresscms | 1 Impresscms | 2018-10-11 | 6.8 MEDIUM | N/A |
| Session fixation vulnerability in Social ImpressCMS before 1.1.1 RC1 allows remote attackers to hijack web sessions by setting the PHPSESSID parameter. | |||||
| CVE-2008-6045 | 1 Xt-commerce | 1 Xt-commerce | 2018-10-11 | 6.8 MEDIUM | N/A |
| Session fixation vulnerability in shopping_cart.php in xt:Commerce 3.0.4 and earlier allows remote attackers to hijack web sessions by setting the XTCsid parameter. | |||||
| CVE-2008-5124 | 1 Jscape | 1 Secure Ftp Applet | 2018-10-11 | 7.5 HIGH | N/A |
| JSCAPE Secure FTP Applet 4.8.0 and earlier does not ask the user to verify a new or mismatched SSH host key, which makes it easier for remote attackers to perform man-in-the-middle attacks. | |||||
| CVE-2008-5158 | 1 Clientsoftware | 1 Wincome Mpd Total | 2018-10-11 | 7.5 HIGH | N/A |
| Client Software WinCom LPD Total 3.0.2.623 and earlier allows remote attackers to bypass authentication and perform administrative actions via vectors involving "simply skipping the auth stage." | |||||
| CVE-2008-3703 | 1 Symantec | 1 Veritas Storage Foundation | 2018-10-11 | 10.0 HIGH | N/A |
| The management console in the Volume Manager Scheduler Service (aka VxSchedService.exe) in Symantec Veritas Storage Foundation for Windows (SFW) 5.0, 5.0 RP1a, and 5.1 accepts NULL NTLMSSP authentication, which allows remote attackers to execute arbitrary code via requests to the service socket that create "snapshots schedules" registry values specifying future command execution. NOTE: this issue exists because of an incomplete fix for CVE-2007-2279. | |||||
| CVE-2008-3375 | 1 Jamroom | 1 Jamroom | 2018-10-11 | 7.5 HIGH | N/A |
| The jrCookie function in includes/jamroom-misc.inc.php in JamRoom before 3.4.0 allows remote attackers to bypass authentication and gain administrative access via a boolean value within serialized data in a JMU_Cookie cookie. | |||||
| CVE-2008-3411 | 1 Axesstel | 1 Akw-d800 | 2018-10-11 | 10.0 HIGH | N/A |
| The Axesstel AXW-D800 modem with D2_ETH_109_01_VEBR Jun-14-2006 software does not require authentication for (1) etc/config/System.html, (2) etc/config/Network.html, (3) etc/config/Security.html, (4) cgi-bin/sysconf.cgi, and (5) cgi-bin/route.cgi, which allows remote attackers to change the modem's configuration via direct requests. | |||||
| CVE-2008-3264 | 1 Asterisk | 5 Asterisk Appliance Developer Kit, Asterisk Business Edition, Asterisknow and 2 more | 2018-10-11 | 7.8 HIGH | N/A |
| The FWDOWNL firmware-download implementation in Asterisk Open Source 1.0.x, 1.2.x before 1.2.30, and 1.4.x before 1.4.21.2; Business Edition A.x.x, B.x.x before B.2.5.4, and C.x.x before C.1.10.3; AsteriskNOW; Appliance Developer Kit 0.x.x; and s800i 1.0.x before 1.2.0.1 allows remote attackers to cause a denial of service (traffic amplification) via an IAX2 FWDOWNL request. | |||||
| CVE-2008-3033 | 1 Rss Aggregator | 1 Rss Aggregator | 2018-10-11 | 9.3 HIGH | N/A |
| RSS-aggregator 1.0 does not require administrative authentication for the admin/fonctions/ directory, which allows remote attackers to access admin functions and have unspecified other impact, as demonstrated by (1) an IdFlux request to supprimer_flux.php and (2) a TpsRafraich request to modifier_tps_rafraich.php. | |||||
| CVE-2008-2879 | 1 Benjacms | 1 Benja Cms | 2018-10-11 | 6.4 MEDIUM | N/A |
| Benja CMS 0.1 does not require authentication for access to admin/, which allows remote attackers to add or delete a menu. | |||||
| CVE-2008-2801 | 1 Mozilla | 2 Firefox, Seamonkey | 2018-10-11 | 7.5 HIGH | N/A |
| Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly implement JAR signing, which allows remote attackers to execute arbitrary code via (1) injection of JavaScript into documents within a JAR archive or (2) a JAR archive that uses relative URLs to JavaScript files. | |||||
| CVE-2008-2433 | 1 Trend Micro | 3 Client Server Messaging Suite, Officescan, Worry Free Business Security | 2018-10-11 | 7.5 HIGH | N/A |
| The web management console in Trend Micro OfficeScan 7.0 through 8.0, Worry-Free Business Security 5.0, and Client/Server/Messaging Suite 3.5 and 3.6 creates a random session token based only on the login time, which makes it easier for remote attackers to hijack sessions via brute-force attacks. NOTE: this can be leveraged for code execution through an unspecified "manipulation of the configuration." | |||||
| CVE-2008-1949 | 1 Gnu | 1 Gnutls | 2018-10-11 | 9.3 HIGH | N/A |
| The _gnutls_recv_client_kx_message function in lib/gnutls_kx.c in libgnutls in gnutls-serv in GnuTLS before 2.2.4 continues to process Client Hello messages within a TLS message after one has already been processed, which allows remote attackers to cause a denial of service (NULL dereference and crash) via a TLS message containing multiple Client Hello messages, aka GNUTLS-SA-2008-1-2. | |||||