• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-287

CVE-2019-6521

February 26, 2023 by

WebAccess/SCADA, Version 8.3. Specially crafted requests could allow a possible authentication bypass that could allow an attacker to obtain and manipulate sensitive information.

CVE-2019-6527

February 26, 2023 by

PR100088 Modbus gateway versions prior to Release R02 (or Software Version 1.1.13166) may allow an attacker to be able to change the password for an admin user who is currently or previously logged in, provided the device has not been restarted.

CVE-2019-6441

February 26, 2023 by

An issue was discovered on Shenzhen Coship RT3050 4.0.0.40, RT3052 4.0.0.48, RT7620 10.0.0.49, WM3300 5.0.0.54, and WM3300 5.0.0.55 devices. The password reset functionality of the router doesn’t have backend validation for the current password and doesn’t require any type of authentication. By making a POST request to the apply.cgi file of the router, the attacker can change the admin username and password of the router.

CVE-2019-6481

February 26, 2023 by

Abine Blur 7.8.2431 allows remote attackers to conduct “Second-Factor Auth Bypass” attacks by using the “Perform a right-click operation to access a forgotten dev menu to insert user passwords that otherwise would require the user to accept a second-factor request in a mobile app.” approach, related to a “Multifactor Auth Bypass, Full Disk Encryption Bypass” issue affecting the Affected Chrome Plugin component.

CVE-2019-6143

February 26, 2023 by

Forcepoint Next Generation Firewall (Forcepoint NGFW) 6.4.x before 6.4.7, 6.5.x before 6.5.4, and 6.6.x before 6.6.2 has a serious authentication vulnerability that potentially allows unauthorized users to bypass password authentication and access services protected by the NGFW Engine. The vulnerability affects the following NGFW features when the LDAP authentication method is used as the backend authentication: IPsec VPN, SSL VPN or Browser-based user authentication. The vulnerability does not apply when any other backend authentication is used. The RADIUS authentication method is not vulnerable, for example.

CVE-2019-5964

February 26, 2023 by

iDoors Reader 2.10.17 and earlier allows an attacker on the same network segment to bypass authentication to access the management console and operate the product via unspecified vectors.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 143
  • Go to page 144
  • Go to page 145
  • Go to page 146
  • Go to page 147
  • Interim pages omitted …
  • Go to page 289
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE