• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-287

CVE-2021-45379

February 23, 2023 by

Glewlwyd 2.0.0, fixed in 2.6.1 is affected by an incorrect access control vulnerability. One user can attempt to log in as another user without its password.

CVE-2021-45389

February 23, 2023 by

A flaw was found with the JWT token. A self-signed JWT token could be injected into the update manager and bypass the authentication process, thus could escalate privileges. This affects StarWind SAN and NAS build 1578 and StarWind Command Center build 6864.

CVE-2021-45035

February 23, 2023 by

Velneo vClient on its 28.1.3 version, does not correctly check the certificate of authenticity by default. This could allow an attacker that has access to the network to perform a MITM attack in order to obtain the user“s credentials.

CVE-2021-44937

February 23, 2023 by

glFusion CMS v1.7.9 is affected by an arbitrary user registration vulnerability in /public_html/users.php. An attacker can register with the mailbox of any user. When users want to register, they will find that the mailbox has been occupied.

CVE-2021-44949

February 23, 2023 by

glFusion CMS 1.7.9 is affected by an access control vulnerability via /public_html/users.php.

CVE-2021-44759

February 23, 2023 by

Improper Authentication vulnerability in TLS origin validation of Apache Traffic Server allows an attacker to create a man in the middle attack. This issue affects Apache Traffic Server 8.0.0 to 8.1.0.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 175
  • Go to page 176
  • Go to page 177
  • Go to page 178
  • Go to page 179
  • Interim pages omitted …
  • Go to page 289
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE