• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-290

CVE-2020-10807

February 26, 2023 by

auth_svc in Caldera before 2.6.5 allows authentication bypass (for REST API requests) via a forged “localhost” string in the HTTP Host header.

CVE-2020-10135

February 26, 2023 by

Legacy pairing and secure-connections pairing authentication in Bluetooth BR/EDR Core Specification v5.2 and earlier may allow an unauthenticated user to complete authentication without pairing credentials via adjacent access. An unauthenticated, adjacent attacker could impersonate a Bluetooth BR/EDR master or slave to pair with a previously paired remote device to successfully complete the authentication procedure without knowing the link key.

CVE-2020-10136

February 26, 2023 by

Multiple products that implement the IP Encapsulation within IP standard (RFC 2003, STD 1) decapsulate and route IP-in-IP traffic without any validation, which could allow an unauthenticated remote attacker to route arbitrary traffic via an exposed network interface and lead to spoofing, access control bypass, and other unexpected network behaviors.

CVE-2019-3884

February 26, 2023 by

A vulnerability exists in the garbage collection mechanism of atomic-openshift. An attacker able spoof the UUID of a valid object from another namespace is able to delete children of those objects. Versions 3.6, 3.7, 3.8, 3.9, 3.10, 3.11 and 4.1 are affected.

CVE-2019-25023

February 26, 2023 by

An issue was discovered in Scytl sVote 2.1. Because the IP address from an X-Forwarded-For header (which can be manipulated client-side) is used for the internal application logs, an attacker can inject wrong IP addresses into these logs.

CVE-2019-20790

February 26, 2023 by

OpenDMARC through 1.3.2 and 1.4.x, when used with pypolicyd-spf 2.0.2, allows attacks that bypass SPF and DMARC authentication in situations where the HELO field is inconsistent with the MAIL FROM field.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 6
  • Go to page 7
  • Go to page 8
  • Go to page 9
  • Go to page 10
  • Interim pages omitted …
  • Go to page 24
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE