• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-287

CVE-2021-38376

February 23, 2023 by

OX App Suite through 7.10.5 has Incorrect Access Control for retrieval of session information via the rampup action of the login API call.

CVE-2021-38299

February 23, 2023 by

Webauthn Framework 3.3.x before 3.3.4 has Incorrect Access Control. An attacker that controls a user’s system is able to login to a vulnerable service using an attached FIDO2 authenticator without passing a check of the user presence.

CVE-2021-3827

February 23, 2023 by

A flaw was found in keycloak, where the default ECP binding flow allows other authentication flows to be bypassed. By exploiting this behavior, an attacker can bypass the MFA authentication by sending a SOAP request with an AuthnRequest and Authorization header with the user’s credentials. The highest threat from this vulnerability is to confidentiality and integrity.

CVE-2021-38161

February 23, 2023 by

Improper Authentication vulnerability in TLS origin verification of Apache Traffic Server allows for man in the middle attacks. This issue affects Apache Traffic Server 8.0.0 to 8.0.8.

CVE-2021-3788

February 23, 2023 by

An exposed debug interface was reported in some Motorola-branded Binatone Hubble Cameras that could allow an attacker with physical access unauthorized access to the device.

CVE-2021-37580

February 23, 2023 by

A flaw was found in Apache ShenYu Admin. The incorrect use of JWT in ShenyuAdminBootstrap allows an attacker to bypass authentication. This issue affected Apache ShenYu 2.3.0 and 2.4.0

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 188
  • Go to page 189
  • Go to page 190
  • Go to page 191
  • Go to page 192
  • Interim pages omitted …
  • Go to page 289
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE