• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-287

CVE-2018-16465

February 26, 2023 by

Missing state in Nextcloud Server prior to 14.0.0 would not enforce the use of a second factor at login if the the provider of the second factor failed to load.

CVE-2018-16467

February 26, 2023 by

A missing check in Nextcloud Server prior to 14.0.0 could give unauthorized access to the previews of single file password protected shares.

CVE-2018-1638

February 26, 2023 by

IBM API Connect 5.0.0.0-5.0.8.3 Developer Portal does not enforce Two Factor Authentication (TFA) while resetting a user password but enforces it for all other login scenarios. IBM X-Force ID: 144483.

CVE-2018-16286

February 26, 2023 by

LG SuperSign CMS allows authentication bypass because the CAPTCHA requirement is skipped if a captcha:pass cookie is sent, and because the PIN is limited to four digits.

CVE-2018-16219

February 26, 2023 by

A missing password verification in the web interface in AudioCodes 405HD VoIP phone with firmware 2.2.12 allows an remote attacker (in the same network as the device) to change the admin password without authentication via a POST request.

CVE-2018-16160

February 26, 2023 by

SecureCore Standard Edition Version 2.x allows an attacker to bypass the product ‘s authentication to log in to a Windows PC.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 72
  • Go to page 73
  • Go to page 74
  • Go to page 75
  • Go to page 76
  • Interim pages omitted …
  • Go to page 289
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE