• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-287

CVE-2021-24017

February 23, 2023 by

An improper authentication in Fortinet FortiManager version 6.4.3 and below, 6.2.6 and below allows attacker to assign arbitrary Policy and Object modules via crafted requests to the request handler.

CVE-2021-23857

February 23, 2023 by

Login with hash: The login routine allows the client to log in to the system not by using the password, but by using the hash of the password. Combined with CVE-2021-23858, this allows an attacker to subsequently login to the system.

CVE-2021-23923

February 23, 2023 by

An issue was discovered in Devolutions Server before 2020.3. There is Broken Authentication with Windows domain users.

CVE-2021-23365

February 23, 2023 by

The package github.com/tyktechnologies/tyk-identity-broker before 1.1.1 are vulnerable to Authentication Bypass via the Go XML parser which can cause SAML authentication bypass. This is because the XML parser doesn’t guarantee integrity in the XML round-trip (encoding/decoding XML data).

CVE-2021-23196

February 23, 2023 by

The web application on Agilia Link+ version 3.0 implements authentication and session management mechanisms exclusively on the client-side and does not protect authentication attributes sufficiently.

CVE-2021-23147

February 23, 2023 by

Netgear Nighthawk R6700 version 1.0.4.120 does not have sufficient protections for the UART console. A malicious actor with physical access to the device is able to connect to the UART port via a serial connection and execute commands as the root user without authentication.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 213
  • Go to page 214
  • Go to page 215
  • Go to page 216
  • Go to page 217
  • Interim pages omitted …
  • Go to page 289
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE