• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-287

CVE-2018-2483

February 26, 2023 by

HTTP Verb Tampering is possible in SAP BusinessObjects Business Intelligence Platform, versions 4.1 and 4.2, Central Management Console (CMC) by changing request method.

CVE-2018-2449

February 26, 2023 by

SAP SRM MDM Catalog versions 3.73, 7.31, 7.32 in (SAP NetWeaver 7.3) – import functionality does not perform authentication checks for valid repository user. This is an unauthenticated functionality that you can use on windows machines to do SMB relaying.

CVE-2018-21263

February 26, 2023 by

An issue was discovered in Mattermost Server before 4.7.0, 4.6.2, and 4.5.2. An attacker could authenticate to a different user’s account via a crafted SAML response.

CVE-2018-21235

February 26, 2023 by

An issue was discovered in Foxit E-mail advertising system before September 2018. It allows authentication bypass and information disclosure, related to Interspire Email Marketer.

CVE-2018-21246

February 26, 2023 by

Caddy before 0.10.13 mishandles TLS client authentication, as demonstrated by an authentication bypass caused by the lack of the StrictHostMatching mode.

CVE-2018-21118

February 26, 2023 by

NETGEAR XR500 devices before 2.3.2.32 are affected by authentication bypass.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 59
  • Go to page 60
  • Go to page 61
  • Go to page 62
  • Go to page 63
  • Interim pages omitted …
  • Go to page 289
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE