• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-287

CVE-2018-15819

February 26, 2023 by

EasyIO EasyIO-30P devices before 2.0.5.27 have Incorrect Access Control, related to webuser.js.

CVE-2018-15721

February 26, 2023 by

The XMPP server in Logitech Harmony Hub before version 4.15.206 is vulnerable to authentication bypass via a crafted XMPP request. Remote attackers can use this vulnerability to gain access to the local API.

CVE-2018-15727

February 26, 2023 by

Grafana 2.x, 3.x, and 4.x before 4.6.4 and 5.x before 5.2.3 allows authentication bypass because an attacker can generate a valid “remember me” cookie knowing only a username of an LDAP or OAuth user.

CVE-2018-15751

February 26, 2023 by

SaltStack Salt before 2017.7.8 and 2018.3.x before 2018.3.3 allow remote attackers to bypass authentication and execute arbitrary commands via salt-api(netapi).

CVE-2018-15667

February 26, 2023 by

An issue was discovered in Bloop Airmail 3 3.5.9 for macOS. It registers and uses the airmail:// URL scheme. The “send” command in the URL scheme allows an external application to send arbitrary emails from an active account without authentication. The handler has no restriction on who can use its functionality. The handler can be invoked using any method that invokes the URL handler such as a hyperlink in an email. The user is not prompted when the handler processes the “send” command, thus leading to automatic transmission of an attacker crafted email from the target account.

CVE-2018-15598

February 26, 2023 by

Containous Traefik 1.6.x before 1.6.6, when –api is used, exposes the configuration and secret if authentication is missing and the API’s port is publicly reachable.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 73
  • Go to page 74
  • Go to page 75
  • Go to page 76
  • Go to page 77
  • Interim pages omitted …
  • Go to page 289
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE