Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2026-41896

Summary
Assigner-GitHub_M
Assigner Org ID-a0819718-46f1-4df5-94e2-005712e83aaa
Published At-29 Jun, 2026 | 20:16
Updated At-30 Jun, 2026 | 12:55
Rejected At-
Credits

Coolify: Unauthenticated Deployment Trigger via Webhook HMAC Bypass with Null Secret

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.474, the HMAC key is the application's manual_webhook_secret_github field, which is used by Coolify's webhook endpoints to validate incoming requests, is nullable with no default — meaning newly created applications have a null webhook secret. PHP's hash_hmac() function silently coerces a null key to an empty string ''. So when the secret is null, the server computes hash_hmac('sha256', $payload, '') — a deterministic value that any attacker can calculate independently. By sending X-Hub-Signature-256: sha256=<hash_hmac('sha256', payload, '')>, an unauthenticated attacker can forge a valid signature and trigger deployments. This vulnerability is fixed in 4.0.0-beta.474.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:GitHub_M
Assigner Org ID:a0819718-46f1-4df5-94e2-005712e83aaa
Published At:29 Jun, 2026 | 20:16
Updated At:30 Jun, 2026 | 12:55
Rejected At:
▼CVE Numbering Authority (CNA)
Coolify: Unauthenticated Deployment Trigger via Webhook HMAC Bypass with Null Secret

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.474, the HMAC key is the application's manual_webhook_secret_github field, which is used by Coolify's webhook endpoints to validate incoming requests, is nullable with no default — meaning newly created applications have a null webhook secret. PHP's hash_hmac() function silently coerces a null key to an empty string ''. So when the secret is null, the server computes hash_hmac('sha256', $payload, '') — a deterministic value that any attacker can calculate independently. By sending X-Hub-Signature-256: sha256=<hash_hmac('sha256', payload, '')>, an unauthenticated attacker can forge a valid signature and trigger deployments. This vulnerability is fixed in 4.0.0-beta.474.

Affected Products
Vendor
coollabsio
Product
coolify
Versions
Affected
  • < 4.0.0-beta.474
Problem Types
TypeCWE IDDescription
CWECWE-287CWE-287: Improper Authentication
Type: CWE
CWE ID: CWE-287
Description: CWE-287: Improper Authentication
Metrics
VersionBase scoreBase severityVector
3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://github.com/coollabsio/coolify/security/advisories/GHSA-w8wm-r924-f65v
x_refsource_CONFIRM
Hyperlink: https://github.com/coollabsio/coolify/security/advisories/GHSA-w8wm-r924-f65v
Resource:
x_refsource_CONFIRM
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://github.com/coollabsio/coolify/security/advisories/GHSA-w8wm-r924-f65v
exploit
Hyperlink: https://github.com/coollabsio/coolify/security/advisories/GHSA-w8wm-r924-f65v
Resource:
exploit
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security-advisories@github.com
Published At:29 Jun, 2026 | 21:16
Updated At:30 Jun, 2026 | 14:14

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.474, the HMAC key is the application's manual_webhook_secret_github field, which is used by Coolify's webhook endpoints to validate incoming requests, is nullable with no default — meaning newly created applications have a null webhook secret. PHP's hash_hmac() function silently coerces a null key to an empty string ''. So when the secret is null, the server computes hash_hmac('sha256', $payload, '') — a deterministic value that any attacker can calculate independently. By sending X-Hub-Signature-256: sha256=<hash_hmac('sha256', payload, '')>, an unauthenticated attacker can forge a valid signature and trigger deployments. This vulnerability is fixed in 4.0.0-beta.474.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
N/A
Type: Secondary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Type: N/A
Version:
Base score:
Base severity: N/A
Vector:
CPE Matches

Weaknesses
CWE IDTypeSource
CWE-287Secondarysecurity-advisories@github.com
CWE ID: CWE-287
Type: Secondary
Source: security-advisories@github.com
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://github.com/coollabsio/coolify/security/advisories/GHSA-w8wm-r924-f65vsecurity-advisories@github.com
N/A
https://github.com/coollabsio/coolify/security/advisories/GHSA-w8wm-r924-f65v134c704f-9b21-4f2e-91b3-4a467353bcc0
N/A
Hyperlink: https://github.com/coollabsio/coolify/security/advisories/GHSA-w8wm-r924-f65v
Source: security-advisories@github.com
Resource: N/A
Hyperlink: https://github.com/coollabsio/coolify/security/advisories/GHSA-w8wm-r924-f65v
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

106Records found

CVE-2019-18320
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-1.07% / 60.70%
||
7 Day CHG~0.00%
Published-12 Dec, 2019 | 19:08
Updated-05 Aug, 2024 | 01:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). An attacker with network access to the Application Server could be able to upload arbitrary files without authentication. Please note that an attacker needs to have network access to the Application Server in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.

Action-Not Available
Vendor-Siemens AG
Product-sppa-t3000_application_serverSPPA-T3000 Application Server
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2019-18848
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.26% / 65.96%
||
7 Day CHG~0.00%
Published-12 Nov, 2019 | 14:23
Updated-05 Aug, 2024 | 02:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The json-jwt gem before 1.11.0 for Ruby lacks an element count during the splitting of a JWE string.

Action-Not Available
Vendor-json-jwt_projectn/aDebian GNU/Linux
Product-debian_linuxjson-jwtn/a
CWE ID-CWE-287
Improper Authentication
CVE-2019-16929
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.89% / 55.03%
||
7 Day CHG~0.00%
Published-08 Oct, 2019 | 12:06
Updated-05 Aug, 2024 | 01:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Auth0 auth0.net before 6.5.4 has Incorrect Access Control because IdentityTokenValidator can be accidentally used to validate untrusted ID tokens.

Action-Not Available
Vendor-auth0n/a
Product-auth0.netn/a
CWE ID-CWE-287
Improper Authentication
CVE-2019-16250
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.36% / 68.44%
||
7 Day CHG~0.00%
Published-11 Sep, 2019 | 22:55
Updated-05 Aug, 2024 | 01:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

includes/wizard/wizard.php in the Ocean Extra plugin through 1.5.8 for WordPress allows unauthenticated options changes and injection of a Cascading Style Sheets (CSS) token sequence.

Action-Not Available
Vendor-oceanwpn/a
Product-ocean_extran/a
CWE ID-CWE-287
Improper Authentication
CVE-2024-5798
Matching Score-4
Assigner-HashiCorp Inc.
ShareView Details
Matching Score-4
Assigner-HashiCorp Inc.
CVSS Score-2.6||LOW
EPSS-0.34% / 26.34%
||
7 Day CHG~0.00%
Published-12 Jun, 2024 | 18:55
Updated-04 Nov, 2025 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Vault Incorrectly Validated JSON Web Tokens (JWT) Audience Claims

Vault and Vault Enterprise did not properly validate the JSON Web Token (JWT) role-bound audience claim when using the Vault JWT auth method. This may have resulted in Vault validating a JWT the audience and role-bound claims do not match, allowing an invalid login to succeed when it should have been rejected. This vulnerability, CVE-2024-5798, was fixed in Vault and Vault Enterprise 1.17.0, 1.16.3, and 1.15.9

Action-Not Available
Vendor-HashiCorp, Inc.
Product-vaultVaultVault Enterprise
CWE ID-CWE-287
Improper Authentication
CVE-2022-31083
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-8.6||HIGH
EPSS-0.82% / 52.90%
||
7 Day CHG+0.02%
Published-17 Jun, 2022 | 18:15
Updated-23 Apr, 2025 | 18:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Authentication bypass in Parse Server Apple Game Center auth adapter

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 4.10.11 and 5.2.2, the certificate in the Parse Server Apple Game Center auth adapter not validated. As a result, authentication could potentially be bypassed by making a fake certificate accessible via certain Apple domains and providing the URL to that certificate in an authData object. Versions 4.0.11 and 5.2.2 prevent this by introducing a new `rootCertificateUrl` property to the Parse Server Apple Game Center auth adapter which takes the URL to the root certificate of Apple's Game Center authentication certificate. If no value is set, the `rootCertificateUrl` property defaults to the URL of the current root certificate as of May 27, 2022. Keep in mind that the root certificate can change at any time and that it is the developer's responsibility to keep the root certificate URL up-to-date when using the Parse Server Apple Game Center auth adapter. There are no known workarounds for this issue.

Action-Not Available
Vendor-parseplatformparse-community
Product-parse-serverparse-server
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-295
Improper Certificate Validation
CVE-2022-30624
Matching Score-4
Assigner-Israel National Cyber Directorate (INCD)
ShareView Details
Matching Score-4
Assigner-Israel National Cyber Directorate (INCD)
CVSS Score-6.8||MEDIUM
EPSS-0.29% / 20.49%
||
7 Day CHG~0.00%
Published-18 Jul, 2022 | 12:57
Updated-17 Sep, 2024 | 00:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Chcnav - P5E GNSS Authentication bypass admin password reset

Browsing the admin.html page allows the user to reset the admin password. Also appears in the JS code for the password.

Action-Not Available
Vendor-chcnavChcnav
Product-p5e_gnssp5e_gnss_firmwareChcnav - P5E GNSS
CWE ID-CWE-287
Improper Authentication
CVE-2019-12664
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-4.7||MEDIUM
EPSS-1.43% / 69.71%
||
7 Day CHG~0.00%
Published-25 Sep, 2019 | 20:16
Updated-21 Nov, 2024 | 19:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE Software ISDN Data Leak Vulnerability

A vulnerability in the Dialer interface feature for ISDN connections in Cisco IOS XE Software for Cisco 4000 Series Integrated Services Routers (ISRs) could allow an unauthenticated, adjacent attacker to pass IPv4 traffic through an ISDN channel prior to successful PPP authentication. The vulnerability is due to insufficient validation of the state of the PPP IP Control Protocol (IPCP). An attacker could exploit this vulnerability by making an ISDN call to an affected device and sending traffic through the ISDN channel prior to successful PPP authentication. Alternatively, an unauthenticated, remote attacker could exploit this vulnerability by sending traffic through an affected device that is configured to exit via an ISDN connection for which both the Dialer interface and the Basic Rate Interface (BRI) have been configured, but the Challenge Handshake Authentication Protocol (CHAP) password for PPP does not match the remote end. A successful exploit could allow the attacker to pass IPv4 traffic through an unauthenticated ISDN connection for a few seconds, from initial ISDN call setup until PPP authentication fails.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xe4351_integrated_services_router4331_integrated_services_router4321_integrated_services_routerCisco IOS XE Software
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE ID-CWE-287
Improper Authentication
CVE-2022-29534
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.52% / 71.55%
||
7 Day CHG~0.00%
Published-20 Apr, 2022 | 00:00
Updated-22 Jun, 2026 | 19:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in MISP before 2.4.158. In UsersController.php, password confirmation can be bypassed via vectors involving an "Accept: application/json" header.

Action-Not Available
Vendor-misp-projectn/a
Product-mispn/a
CWE ID-CWE-287
Improper Authentication
CVE-2022-24748
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-6.8||MEDIUM
EPSS-0.73% / 49.75%
||
7 Day CHG~0.00%
Published-09 Mar, 2022 | 22:25
Updated-23 Apr, 2025 | 18:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Incorrect Authentication in shopware

Shopware is an open commerce platform based on the Symfony php Framework and the Vue javascript framework. In versions prior to 6.4.8.2 it is possible to modify customers and to create orders without App Permission. This issue is a result of improper api route checking. Users are advised to upgrade to version 6.4.8.2. There are no known workarounds.

Action-Not Available
Vendor-shopwareshopware
Product-shopwareplatform
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-863
Incorrect Authorization
CVE-2022-3119
Matching Score-4
Assigner-WPScan
ShareView Details
Matching Score-4
Assigner-WPScan
CVSS Score-7.5||HIGH
EPSS-0.36% / 28.48%
||
7 Day CHG~0.00%
Published-26 Sep, 2022 | 12:35
Updated-21 May, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
OAuth client Single Sign On for WordPress < 3.0.4 - Unauthenticated Settings Update to Authentication Bypass

The OAuth client Single Sign On WordPress plugin before 3.0.4 does not have authorisation and CSRF when updating its settings, which could allow unauthenticated attackers to update them and change the OAuth endpoints to ones they controls, allowing them to then be authenticated as admin if they know the correct email address

Action-Not Available
Vendor-oauth_client_single_sign_on_projectUnknown
Product-oauth_client_single_sign_onOAuth client Single Sign On for WordPress ( OAuth 2.0 SSO )
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-352
Cross-Site Request Forgery (CSRF)
CVE-2022-31164
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.54% / 41.64%
||
7 Day CHG~0.00%
Published-21 Jul, 2022 | 13:35
Updated-23 Apr, 2025 | 17:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tovy before v0.7.51 vulnerable to users logging in as and impersonating other users

Tovy is a a staff management system for Roblox groups. A vulnerability in versions prior to 0.7.51 allows users to log in as other users, including privileged users such as the other of the instance. The problem has been patched in version 0.7.51.

Action-Not Available
Vendor-tovybloxtovyblox
Product-tovytovy
CWE ID-CWE-287
Improper Authentication
CVE-2022-21935
Matching Score-4
Assigner-Johnson Controls
ShareView Details
Matching Score-4
Assigner-Johnson Controls
CVSS Score-7.5||HIGH
EPSS-0.86% / 54.05%
||
7 Day CHG+0.02%
Published-15 Jun, 2022 | 19:57
Updated-16 Sep, 2024 | 19:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Metasys password guessing

A vulnerability in Metasys ADS/ADX/OAS 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS 11 versions prior to 11.0.2 allows unverified password change.

Action-Not Available
Vendor-johnsoncontrolsJohnson Controls
Product-metasys_open_application_servermetasys_application_and_data_servermetasys_extended_application_and_data_serverMetasys ADS/ADX/OAS server
CWE ID-CWE-620
Unverified Password Change
CWE ID-CWE-287
Improper Authentication
CVE-2018-7745
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-12.54% / 95.75%
||
7 Day CHG~0.00%
Published-07 Mar, 2018 | 17:00
Updated-05 Aug, 2024 | 06:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Western Bridge Cobub Razor 0.7.2. Authentication is not required for /index.php?/install/installation/createuserinfo requests, resulting in account creation.

Action-Not Available
Vendor-cobubn/a
Product-razorn/a
CWE ID-CWE-287
Improper Authentication
CVE-2018-7340
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.7||HIGH
EPSS-0.93% / 56.40%
||
7 Day CHG-0.03%
Published-17 Apr, 2019 | 14:01
Updated-05 Aug, 2024 | 06:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Multiple SAML libraries may allow authentication bypass via incorrect XML canonicalization and DOM traversal

Duo Network Gateway 1.2.9 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authentication to SAML service providers.

Action-Not Available
Vendor-Duo SecurityCisco Systems, Inc.
Product-duo_network_gatewayDuo Network Gateway
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-347
Improper Verification of Cryptographic Signature
CVE-2018-5387
Matching Score-4
Assigner-CERT/CC
ShareView Details
Matching Score-4
Assigner-CERT/CC
CVSS Score-7.5||HIGH
EPSS-1.66% / 73.81%
||
7 Day CHG~0.00%
Published-24 Jul, 2018 | 15:00
Updated-16 Sep, 2024 | 22:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Wizkunde SAMLBase may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authentication to SAML service providers.

Action-Not Available
Vendor-wizkundeWizkunde
Product-samlbaseSAMLBase
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-347
Improper Verification of Cryptographic Signature
CVE-2018-19834
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.93% / 56.29%
||
7 Day CHG~0.00%
Published-31 Dec, 2019 | 15:06
Updated-05 Aug, 2024 | 11:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The quaker function of a smart contract implementation for BOMBBA (BOMB), an tradable Ethereum ERC20 token, allows attackers to change the owner of the contract, because the function does not check the caller's identity.

Action-Not Available
Vendor-bombba_projectn/a
Product-bombban/a
CWE ID-CWE-287
Improper Authentication
CVE-2018-19832
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.93% / 56.29%
||
7 Day CHG~0.00%
Published-31 Dec, 2019 | 15:06
Updated-05 Aug, 2024 | 11:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The NETM() function of a smart contract implementation for NewIntelTechMedia (NETM), an tradable Ethereum ERC20 token, allows attackers to change the owner of the contract, because the function does not check the caller's identity.

Action-Not Available
Vendor-newinteltechmedia_projectn/a
Product-newinteltechmedian/a
CWE ID-CWE-287
Improper Authentication
CVE-2018-19833
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.93% / 56.29%
||
7 Day CHG~0.00%
Published-31 Dec, 2019 | 15:06
Updated-05 Aug, 2024 | 11:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The owned function of a smart contract implementation for DDQ, an tradable Ethereum ERC20 token, allows attackers to change the owner of the contract, because the function does not check the caller's identity.

Action-Not Available
Vendor-ddq_projectn/a
Product-ddqn/a
CWE ID-CWE-287
Improper Authentication
CVE-2018-19831
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.93% / 56.29%
||
7 Day CHG~0.00%
Published-31 Dec, 2019 | 15:06
Updated-05 Aug, 2024 | 11:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ToOwner() function of a smart contract implementation for Cryptbond Network (CBN), an tradable Ethereum ERC20 token, allows attackers to change the owner of the contract, because the function does not check the caller's identity.

Action-Not Available
Vendor-cryptbond_network_projectn/a
Product-cryptbond_networkn/a
CWE ID-CWE-287
Improper Authentication
CVE-2018-18907
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.76% / 50.89%
||
7 Day CHG+0.02%
Published-16 Jun, 2022 | 21:32
Updated-05 Aug, 2024 | 11:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on D-Link DIR-850L 1.21WW devices. A partially completed WPA handshake is sufficient for obtaining full access to the wireless network. A client can access the network by sending packets on Data Frames to the AP without encryption.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-850l_firmaredir-850ln/a
CWE ID-CWE-287
Improper Authentication
CVE-2024-45113
Matching Score-4
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-4
Assigner-Adobe Systems Incorporated
CVSS Score-7.5||HIGH
EPSS-0.60% / 44.46%
||
7 Day CHG~0.00%
Published-13 Sep, 2024 | 09:18
Updated-16 Sep, 2024 | 12:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ColdFusion | Improper Authentication (CWE-287)

ColdFusion versions 2023.6, 2021.12 and earlier are affected by an Improper Authentication vulnerability that could result in privilege escalation. An attacker could exploit this vulnerability to gain unauthorized access and affect the integrity of the application. Exploitation of this issue does not require user interaction.

Action-Not Available
Vendor-Adobe Inc.
Product-coldfusionColdFusioncoldfusion
CWE ID-CWE-287
Improper Authentication
CVE-2023-33363
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.55% / 42.04%
||
7 Day CHG~0.00%
Published-03 Aug, 2023 | 00:00
Updated-17 Oct, 2024 | 19:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An authentication bypass vulnerability exists in Suprema BioStar 2 before 2.9.1, which allows unauthenticated users to access some functionality on BioStar 2 servers.

Action-Not Available
Vendor-supremaincn/a
Product-biostar_2n/a
CWE ID-CWE-287
Improper Authentication
CVE-2013-6360
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.97% / 57.60%
||
7 Day CHG~0.00%
Published-13 Feb, 2020 | 22:56
Updated-06 Aug, 2024 | 17:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

TRENDnet TS-S402 has a backdoor to enable TELNET.

Action-Not Available
Vendor-n/aTRENDnet, Inc.
Product-ts-s402ts-s402_firmwaren/a
CWE ID-CWE-287
Improper Authentication
CVE-2021-45347
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.15% / 62.95%
||
7 Day CHG~0.00%
Published-14 Feb, 2022 | 18:35
Updated-04 Aug, 2024 | 04:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An Incorrect Access Control vulnerability exists in zzcms 8.2, which lets a malicious user bypass authentication by changing the user name in the cookie to use any password.

Action-Not Available
Vendor-zzcmsn/a
Product-zzcmsn/a
CWE ID-CWE-287
Improper Authentication
CVE-2013-4593
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-1.75% / 75.18%
||
7 Day CHG~0.00%
Published-11 Dec, 2019 | 13:45
Updated-06 Aug, 2024 | 16:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

RubyGem omniauth-facebook has an access token security vulnerability

Action-Not Available
Vendor-omniauth-facebook_projectomniauth-facebook
Product-omniauth-facebookomniauth-facebook
CWE ID-CWE-287
Improper Authentication
CVE-2021-43444
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.20% / 64.44%
||
7 Day CHG~0.00%
Published-23 Jan, 2023 | 00:00
Updated-02 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ONLYOFFICE all versions as of 2021-11-08 is affected by Incorrect Access Control. Signed document download URLs can be forged due to a weak default URL signing key.

Action-Not Available
Vendor-onlyofficen/a
Product-servern/a
CWE ID-CWE-287
Improper Authentication
CVE-2021-43203
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.84% / 53.29%
||
7 Day CHG~0.00%
Published-09 Nov, 2021 | 14:52
Updated-04 Aug, 2024 | 03:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In JetBrains Ktor before 1.6.4, nonce verification during the OAuth2 authentication process is implemented improperly.

Action-Not Available
Vendor-n/aJetBrains s.r.o.
Product-ktorn/a
CWE ID-CWE-287
Improper Authentication
CVE-2021-41312
Matching Score-4
Assigner-Atlassian
ShareView Details
Matching Score-4
Assigner-Atlassian
CVSS Score-7.5||HIGH
EPSS-1.17% / 63.68%
||
7 Day CHG~0.00%
Published-03 Nov, 2021 | 03:50
Updated-10 Oct, 2024 | 14:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Affected versions of Atlassian Jira Server and Data Center allow a remote attacker who has had their access revoked from Jira Service Management to enable and disable Issue Collectors on Jira Service Management projects via an Improper Authentication vulnerability in the /secure/ViewCollectors endpoint. The affected versions are before version 8.19.1.

Action-Not Available
Vendor-Atlassian
Product-data_centerjiraJira ServerJira Data Centerjira_serverjira_data_center
CWE ID-CWE-287
Improper Authentication
CVE-2021-37545
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.86% / 54.19%
||
7 Day CHG~0.00%
Published-06 Aug, 2021 | 13:24
Updated-04 Aug, 2024 | 01:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In JetBrains TeamCity before 2021.1.1, insufficient authentication checks for agent requests were made.

Action-Not Available
Vendor-n/aJetBrains s.r.o.
Product-teamcityn/a
CWE ID-CWE-287
Improper Authentication
CVE-2021-37624
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-3.52% / 87.82%
||
7 Day CHG+0.03%
Published-25 Oct, 2021 | 16:10
Updated-04 Aug, 2024 | 01:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FreeSWITCH does not authenticate SIP MESSAGE requests, leading to spam and message spoofing

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.10.7, FreeSWITCH does not authenticate SIP MESSAGE requests, leading to spam and message spoofing. By default, SIP requests of the type MESSAGE (RFC 3428) are not authenticated in the affected versions of FreeSWITCH. MESSAGE requests are relayed to SIP user agents registered with the FreeSWITCH server without requiring any authentication. Although this behaviour can be changed by setting the `auth-messages` parameter to `true`, it is not the default setting. Abuse of this security issue allows attackers to send SIP MESSAGE messages to any SIP user agent that is registered with the server without requiring authentication. Additionally, since no authentication is required, chat messages can be spoofed to appear to come from trusted entities. Therefore, abuse can lead to spam and enable social engineering, phishing and similar attacks. This issue is patched in version 1.10.7. Maintainers recommend that this SIP message type is authenticated by default so that FreeSWITCH administrators do not need to be explicitly set the `auth-messages` parameter. When following such a recommendation, a new parameter can be introduced to explicitly disable authentication.

Action-Not Available
Vendor-freeswitchsignalwire
Product-freeswitchfreeswitch
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2021-36350
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-5.9||MEDIUM
EPSS-1.09% / 61.35%
||
7 Day CHG~0.00%
Published-21 Dec, 2021 | 17:05
Updated-17 Sep, 2024 | 02:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerScale OneFS, versions 8.2.2-9.3.0.x, contain an authentication bypass by primary weakness in one of the authentication factors. A remote unauthenticated attacker may potentially exploit this vulnerability and bypass one of the factors of authentication.

Action-Not Available
Vendor-Dell Inc.
Product-powerscale_onefsPowerScale OneFS
CWE ID-CWE-287
Improper Authentication
CVE-2017-18654
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.26% / 17.44%
||
7 Day CHG~0.00%
Published-07 Apr, 2020 | 15:47
Updated-05 Aug, 2024 | 21:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on Samsung mobile devices with M(6.0) and N(7.0, 7.1) software. An unauthenticated attacker can register a new security certificate. The Samsung ID is SVE-2017-9659 (September 2017).

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidn/a
CWE ID-CWE-287
Improper Authentication
CVE-2020-26511
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.15% / 79.87%
||
7 Day CHG~0.00%
Published-02 Oct, 2020 | 04:04
Updated-04 Aug, 2024 | 15:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The wpo365-login plugin before v11.7 for WordPress allows use of a symmetric algorithm to decrypt a JWT token. This leads to authentication bypass.

Action-Not Available
Vendor-wpo365n/a
Product-wordpress_\+_azure_ad_\/_microsoft_office_365n/a
CWE ID-CWE-287
Improper Authentication
CVE-2025-4018
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.67% / 47.64%
||
7 Day CHG+0.03%
Published-28 Apr, 2025 | 11:31
Updated-10 Oct, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
20120630 Novel-Plus CrawlController.java addCrawlSource missing authentication

A vulnerability, which was classified as critical, has been found in 20120630 Novel-Plus up to 0e156c04b4b7ce0563bef6c97af4476fcda8f160. This issue affects the function addCrawlSource of the file novel-crawl/src/main/java/com/java2nb/novel/controller/CrawlController.java. The manipulation leads to missing authentication. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-xxyopen20120630
Product-novel-plusNovel-Plus
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2025-68931
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-8.7||HIGH
EPSS-0.17% / 6.87%
||
7 Day CHG~0.00%
Published-13 Jan, 2026 | 19:17
Updated-20 Jan, 2026 | 17:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Jervis has AES CBC Mode Without Authentication

Jervis is a library for Job DSL plugin scripts and shared Jenkins pipeline libraries. Prior to 2.2, AES/CBC/PKCS5Padding lacks authentication, making it vulnerable to padding oracle attacks and ciphertext manipulation. This vulnerability is fixed in 2.2.

Action-Not Available
Vendor-samrocketmansamrocketman
Product-jervisjervis
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CVE-2025-31271
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-7.5||HIGH
EPSS-0.37% / 29.32%
||
7 Day CHG~0.00%
Published-15 Sep, 2025 | 22:35
Updated-02 Apr, 2026 | 18:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

This issue was addressed through improved state management. This issue is fixed in macOS Tahoe 26. Incoming FaceTime calls can appear or be accepted on a locked macOS device, even with notifications disabled on the lock screen.

Action-Not Available
Vendor-Apple Inc.
Product-macosmacOS
CWE ID-CWE-287
Improper Authentication
CVE-2021-3282
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.30% / 66.94%
||
7 Day CHG~0.00%
Published-01 Feb, 2021 | 15:38
Updated-03 Aug, 2024 | 16:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HashiCorp Vault Enterprise 1.6.0 & 1.6.1 allowed the `remove-peer` raft operator command to be executed against DR secondaries without authentication. Fixed in 1.6.2.

Action-Not Available
Vendor-n/aHashiCorp, Inc.
Product-vaultn/a
CWE ID-CWE-287
Improper Authentication
CVE-2021-29047
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.07% / 60.67%
||
7 Day CHG~0.00%
Published-16 May, 2021 | 15:29
Updated-05 Jul, 2026 | 01:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The SimpleCaptcha implementation in Liferay Portal 7.3.4, 7.3.5 and Liferay DXP 7.3 before fix pack 1 does not invalidate CAPTCHA answers after it is used, which allows remote attackers to repeatedly perform actions protected by a CAPTCHA challenge by reusing the same CAPTCHA answer.

Action-Not Available
Vendor-n/aLiferay Inc.
Product-dxpliferay_portaln/a
CWE ID-CWE-287
Improper Authentication
CVE-2021-22025
Matching Score-4
Assigner-VMware by Broadcom
ShareView Details
Matching Score-4
Assigner-VMware by Broadcom
CVSS Score-7.5||HIGH
EPSS-0.81% / 52.41%
||
7 Day CHG~0.00%
Published-30 Aug, 2021 | 17:54
Updated-03 Aug, 2024 | 18:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The vRealize Operations Manager API (8.x prior to 8.5) contains a broken access control vulnerability leading to unauthenticated API access. An unauthenticated malicious actor with network access to the vRealize Operations Manager API can add new nodes to existing vROps cluster.

Action-Not Available
Vendor-n/aVMware (Broadcom Inc.)
Product-vrealize_operations_managercloud_foundationvrealize_suite_lifecycle_managerVMware vRealize Operations
CWE ID-CWE-287
Improper Authentication
CVE-2021-26117
Matching Score-4
Assigner-Apache Software Foundation
ShareView Details
Matching Score-4
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-11.24% / 95.43%
||
7 Day CHG~0.00%
Published-27 Jan, 2021 | 00:00
Updated-15 Jun, 2026 | 13:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ActiveMQ: LDAP-Authentication does not verify passwords on servers with anonymous bind

The optional ActiveMQ LDAP login module can be configured to use anonymous access to the LDAP server. In this case, for Apache ActiveMQ Artemis prior to version 2.16.0 and Apache ActiveMQ prior to versions 5.16.1 and 5.15.14, the anonymous context is used to verify a valid users password in error, resulting in no check on the password.

Action-Not Available
Vendor-Oracle CorporationDebian GNU/LinuxNetApp, Inc.The Apache Software Foundation
Product-communications_element_managerartemisdebian_linuxflexcube_private_bankingcommunications_session_report_manageractivemqcommunications_session_route_manageroncommand_workflow_automationApache ActiveMQ
CWE ID-CWE-287
Improper Authentication
CVE-2021-25442
Matching Score-4
Assigner-Samsung Mobile
ShareView Details
Matching Score-4
Assigner-Samsung Mobile
CVSS Score-7.5||HIGH
EPSS-0.92% / 55.99%
||
7 Day CHG~0.00%
Published-08 Jul, 2021 | 13:48
Updated-03 Aug, 2024 | 20:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper MDM policy management vulnerability in KME module prior to KCS version 1.39 allows MDM users to bypass Knox Manage authentication.

Action-Not Available
Vendor-SamsungSamsung Electronics
Product-knox_cloud_servicesKnox Mobile Enrollment
CWE ID-CWE-269
Improper Privilege Management
CWE ID-CWE-287
Improper Authentication
CVE-2023-30223
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.12% / 62.31%
||
7 Day CHG~0.00%
Published-16 Jun, 2023 | 00:00
Updated-02 Aug, 2024 | 14:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A broken authentication vulnerability in 4D SAS 4D Server software v17, v18, v19 R7, and earlier allows attackers to send crafted TCP packets containing requests to perform arbitrary actions.

Action-Not Available
Vendor-4dn/a
Product-servern/a
CWE ID-CWE-287
Improper Authentication
CVE-2022-29865
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.50% / 71.21%
||
7 Day CHG+0.03%
Published-16 Jun, 2022 | 16:50
Updated-03 Aug, 2024 | 06:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

OPC UA .NET Standard Stack allows a remote attacker to bypass the application authentication check via crafted fake credentials.

Action-Not Available
Vendor-opcfoundationn/a
Product-ua_.net_standard_stackn/a
CWE ID-CWE-287
Improper Authentication
CVE-2021-20590
Matching Score-4
Assigner-Mitsubishi Electric Corporation
ShareView Details
Matching Score-4
Assigner-Mitsubishi Electric Corporation
CVSS Score-7.5||HIGH
EPSS-1.27% / 66.42%
||
7 Day CHG~0.00%
Published-22 Apr, 2021 | 18:54
Updated-03 Aug, 2024 | 17:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper authentication vulnerability in GOT2000 series GT27 model VNC server versions 01.39.010 and prior, GOT2000 series GT25 model VNC server versions 01.39.010 and prior, GOT2000 series GT21 model GT2107-WTBD VNC server versions 01.40.000 and prior, GOT2000 series GT21 model GT2107-WTSD VNC server versions 01.40.000 and prior, GOT SIMPLE series GS21 model GS2110-WTBD-N VNC server versions 01.40.000 and prior and GOT SIMPLE series GS21 model GS2107-WTBD-N VNC server versions 01.40.000 and prior allows a remote unauthenticated attacker to gain unauthorized access via specially crafted packets when the "VNC server" function is used.

Action-Not Available
Vendor-n/aMitsubishi Electric Corporation
Product-gt2107-wtbd_firmwaregt2107-wtsd_firmwaregs2110-wtbd-ngs2107-wtbd-ngot2000_gt25_firmwaregot2000_gt27_firmwaregot2000_gt25gt2107-wtbdgs2107-wtbd-n_firmwaregot2000_gt27gt2107-wtsdgs2110-wtbd-n_firmwareGOT2000 series GT25 modelGOT2000 series GT21 model GT2107-WTSDGOT SIMPLE series GS21 model GS2107-WTBD-NGOT SIMPLE series GS21 model GS2110-WTBD-NGOT2000 series GT27 modelGOT2000 series GT21 model GT2107-WTBD
CWE ID-CWE-287
Improper Authentication
CVE-2023-28540
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-9.1||CRITICAL
EPSS-0.43% / 34.58%
||
7 Day CHG~0.00%
Published-03 Oct, 2023 | 05:00
Updated-27 Feb, 2025 | 20:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Authentication in Data Modem

Cryptographic issue in Data Modem due to improper authentication during TLS handshake.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sm7325-ae_firmwaresm6250p_firmwareqcs610315_5g_iot_modem_firmwareqca8337qfw7124sg8275p_firmwareqca6431_firmwarewcd9360_firmwarewsa8840snapdragon_212_mobile_platformwcn3950_firmwareqcs2290qca6595au_firmwaresnapdragon_x70_modem-rf_systemsm8350csra6620_firmwaresd_675_firmwarecsra6640_firmwareqcs6125_firmwareapq5053-aa_firmwarewcn685x-1sm7350-ab_firmwaresm4375wcn3998wcd9371_firmwarewcn3950qcn6024_firmwaresm6375_firmwarewcn3660bsm7150-acsd460_firmwaresm7315_firmwaresm7325-aeqca6574au_firmwaresm4250-aawcd9375_firmwarewcn3998_firmwareqca8081_firmwaresm6225-adqca6420wcd9360snapdragon_auto_5g_modem-rf_firmwaresm6225-ad_firmwarewsa8840_firmwareqca6698aqqcs6125sd662_firmwaresm7250-ab_firmwareqca6430wcd9340sw5100qca6436qca6698aq_firmwaremsm8905wcn685x-1_firmwaresm8150_firmwarewcd9341qca6431qca6696_firmwarewcd9371wcn3910_firmwaresm4350_firmwareqcc710_firmwaresm8250-ac_firmwarewsa8830_firmwaresd855_firmwaresd865_5g_firmwaresm7225_firmwaresnapdragon_7c\+_gen_3_compute_firmwarewcn3988sm4250-aa_firmwaresm8475wcn6750_firmwaresm6125_firmwarewcn3610snapdragon_675_mobile_platform_firmwaresm6375wcn3991qca8337_firmwarewcd9380_firmwaresw5100psnapdragon_w5\+_gen_1_wearable_platformqcm8550snapdragon_7c\+_gen_3_computewcd9380qcs410snapdragon_210_processorsm7150-aa_firmwaresg8275pqca6430_firmwarewcd9335_firmwareqfw7114_firmwarewcn3980wsa8845sm7225qcm4325_firmwarewcd9340_firmwarewsa8815sm6150-ac_firmwarewcn3910qca6426_firmwarewcn3660b_firmwareqcn9024wcn3980_firmwaresd730snapdragon_x50_5g_modem-rf_system_firmwaresm7150-aasc7180-ac_firmwareqca6421_firmwaresm6350sm7125sm8475_firmwarewcn6740_firmwareqcs4490_firmwaresnapdragon_xr2_5g_platformsnapdragon_x65_5g_modem-rf_systemsm7150-ab_firmwaresm8350_firmwaresnapdragon_x75_5g_modem-rf_system_firmwaresm6350_firmwarewcn785x-1_firmwareqcn9024_firmwaresdx57msnapdragon_8\+_gen_2_mobile_platformqcm4290_firmwarewsa8832sw5100p_firmwareqcs610_firmwareqcc710qcs4490sdm439_firmwarewcd9395qca6391_firmwarewcd9370_firmwareqm215_firmwaresm8550p_firmwaresm4350-ac_firmwaresdx55sd888_firmwaresd675csra6640sm8250qfw7124_firmwarear8035_firmwareqcm2290wcn3991_firmwaresnapdragon_662_mobile_platform_firmwarewsa8830sm6125qcs2290_firmwarewcn785x-5csra6620qcn6224_firmwaresm7250-ac_firmwareqcs4290qca6420_firmwaresc7180-acqca6390_firmwaresd730_firmwarewcd9370sd675_firmwareqca6426wcn3990_firmwaresnapdragon_8_gen_2_mobile_platformsm8450sm8250-abwcd9385_firmwarewcd9326_firmwarewcn3615_firmwaresd662sm7325-afsnapdragon_x55_5g_modem-rf_systemmsm8905_firmwarewcn3680b_firmwaresdx55_firmwaresnapdragon_4_gen_2_mobile_platformsnapdragon_212_mobile_platform_firmwareqca6595ausm7325-af_firmwarewsa8845h_firmwareqfw7114sm7250p_firmwarewcn3615wcn3610_firmwareqca6436_firmwaresm4350-acsnapdragon_w5\+_gen_1_wearable_platform_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqcm8550_firmwaresnapdragon_x70_modem-rf_system_firmwareqcs6490qcs8550_firmwaresm8250_firmwaresm8250-acwcn3988_firmware315_5g_iot_modemqm215qca6421sm6250sm7250-aawsa8810_firmwareqcn6224sm4375_firmwaresm8450_firmwaresc7180-adwsa8845hwcd9326snapdragon_x75_5g_modem-rf_systemsg4150pwcd9335wcd9395_firmwareqca8081qcm4490qcs4290_firmwarewcd9385sxr2130_firmwareqcs6490_firmwaresm7150-abqca6390ar8035wcd9375aqt1000snapdragon_210_processor_firmwaresm6250_firmwarewcd9390snapdragon_662_mobile_platformsm8150qcm6490wsa8815_firmwarewsa8835_firmwaresm7350-absg4150p_firmwaresnapdragon_8_gen_2_mobile_platform_firmwarewcn785x-1qcm6125_firmwareqcm4325qcm2290_firmwareapq5053-aawcn3990sd_675sd865_5gsm8350-ac_firmwaresdm439sm8150-acsd888wsa8835sc7180-ad_firmwaresnapdragon_8\+_gen_2_mobile_platform_firmwaresnapdragon_auto_5g_modem-rfqcn6274sm6250psnapdragon_4_gen_2_mobile_platform_firmwaresxr2130qca6574awcn685x-5_firmwaresm7325psm7325wcn6750sm7150-ac_firmwaresm7250-absd855sm7325p_firmwaresdx57m_firmwarewsa8845_firmwaresnapdragon_xr2_5g_platform_firmwareqca6574a_firmwarewcn785x-5_firmwaresm7315sd460qca6391sm8250-ab_firmwaresnapdragon_x55_5g_modem-rf_system_firmwareaqt1000_firmwareqcm4490_firmwareqcn6274_firmwareqcm4290qcm6490_firmwarewsa8832_firmwarewcn685x-5qca6574auwcd9341_firmwareqcm6125wsa8810sm7250-aa_firmwaresm7250-acsm8550psm8150-ac_firmwarewcn3680bsm8350-acsnapdragon_675_mobile_platformwcn6740qca6696qcs8550sm4350sm6150-acsm7125_firmwaresnapdragon_x50_5g_modem-rf_systemwcd9390_firmwareqcn6024sm7250psw5100_firmwareqcs410_firmwaresm7325_firmwareSnapdragon
CWE ID-CWE-287
Improper Authentication
CVE-2020-8272
Matching Score-4
Assigner-HackerOne
ShareView Details
Matching Score-4
Assigner-HackerOne
CVSS Score-7.5||HIGH
EPSS-1.45% / 70.25%
||
7 Day CHG~0.00%
Published-16 Nov, 2020 | 00:33
Updated-04 Aug, 2024 | 09:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Authentication Bypass resulting in exposure of SD-WAN functionality in Citrix SD-WAN Center versions before 11.2.2, 11.1.2b and 10.2.8

Action-Not Available
Vendor-n/aCitrix (Cloud Software Group, Inc.)
Product-sd-wanCitrix SD-WAN Center
CWE ID-CWE-287
Improper Authentication
CVE-2023-24830
Matching Score-4
Assigner-Apache Software Foundation
ShareView Details
Matching Score-4
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-1.33% / 67.65%
||
7 Day CHG~0.00%
Published-30 Jan, 2023 | 16:25
Updated-28 Mar, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache IoTDB Workbench: apache/iotdb-web-workbench: create a user without authorization

Improper Authentication vulnerability in Apache Software Foundation Apache IoTDB.This issue affects iotdb-web-workbench component: from 0.13.0 before 0.13.3.

Action-Not Available
Vendor-The Apache Software Foundation
Product-iotdbApache IoTDB Workbench
CWE ID-CWE-287
Improper Authentication
CVE-2020-36176
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.29% / 66.77%
||
7 Day CHG~0.00%
Published-06 Jan, 2021 | 14:47
Updated-04 Aug, 2024 | 17:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The iThemes Security (formerly Better WP Security) plugin before 7.7.0 for WordPress does not enforce a new-password requirement for an existing account until the second login occurs.

Action-Not Available
Vendor-n/aSolidWP (iThemes)
Product-ithemes_securityn/a
CWE ID-CWE-287
Improper Authentication
CVE-2022-1801
Matching Score-4
Assigner-WPScan
ShareView Details
Matching Score-4
Assigner-WPScan
CVSS Score-7.5||HIGH
EPSS-1.16% / 63.42%
||
7 Day CHG~0.00%
Published-20 Jun, 2022 | 10:25
Updated-03 Aug, 2024 | 00:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Very Simple Contact Form < 11.6 - Captcha bypass

The Very Simple Contact Form WordPress plugin before 11.6 exposes the solution to the captcha in the rendered contact form, both as hidden input fields and as plain text in the page, making it very easy for bots to bypass the captcha check, rendering the page a likely target for spam bots.

Action-Not Available
Vendor-very_simple_contact_form_projectUnknown
Product-very_simple_contact_formVery Simple Contact Form
CWE ID-CWE-804
Guessable CAPTCHA
CWE ID-CWE-287
Improper Authentication
  • Previous
  • 1
  • 2
  • 3
  • Next
Details not found