Vulnerabilities > Authentication Bypass by Capture-replay
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-09 | CVE-2024-36250 | Authentication Bypass by Capture-replay vulnerability in Mattermost Server Mattermost versions 9.11.x <= 9.11.2, and 9.5.x <= 9.5.10 fail to protect the mfa code against replay attacks, which allows an attacker to reuse the MFA code within ~30 seconds | 4.8 |
| 2024-10-29 | CVE-2024-22066 | Authentication Bypass by Capture-replay vulnerability in ZTE products There is a privilege escalation vulnerability in ZTE ZXR10 ZSR V2 intelligent multi service router . | 6.5 |
| 2024-09-18 | CVE-2024-39081 | Authentication Bypass by Capture-replay vulnerability in Jktyre Smart Tyre CAR & Bike 4.2.0 An issue in SMART TYRE CAR & BIKE v4.2.0 allows attackers to perform a man-in-the-middle attack via Bluetooth communications. | 4.2 |
| 2024-08-30 | CVE-2024-8260 | Authentication Bypass by Capture-replay vulnerability in Openpolicyagent Open Policy Agent A SMB force-authentication vulnerability exists in all versions of OPA for Windows prior to v0.68.0. | 7.3 |
| 2024-08-27 | CVE-2024-3982 | Authentication Bypass by Capture-replay vulnerability in Hitachienergy Microscada X Sys600 An attacker with local access to machine where MicroSCADA X SYS600 is installed, could enable the session logging supporting the product and try to exploit a session hijacking of an already established session. | 8.2 |
| 2024-07-30 | CVE-2024-5249 | Authentication Bypass by Capture-replay vulnerability in Perforce Akana API In versions of Akana API Platform prior to 2024.1.0, SAML tokens can be replayed. | 7.5 |
| 2024-07-21 | CVE-2024-38438 | Authentication Bypass by Capture-replay vulnerability in Dlink Dsl-225 Firmware Gem1.00.02 D-Link - CWE-294: Authentication Bypass by Capture-replay | 9.8 |
| 2024-06-26 | CVE-2024-38272 | Authentication Bypass by Capture-replay vulnerability in Google Nearby There exists a vulnerability in Quick Share/Nearby, where an attacker can bypass the accept file dialog on Quick Share Windows. Normally in Quick Share Windows app we can't send a file without the user accept from the receiving device if the visibility is set to everyone mode or contacts mode. We recommend upgrading to version 1.0.1724.0 of Quick Share or above | 4.3 |
| 2024-06-12 | CVE-2024-34065 | Authentication Bypass by Capture-replay vulnerability in Strapi Strapi is an open-source content management system. | 8.1 |
| 2024-06-05 | CVE-2024-4009 | Authentication Bypass by Capture-replay vulnerability in ABB products Replay Attack in ABB, Busch-Jaeger, FTS Display (version 1.00) and BCU (version 1.3.0.33) allows attacker to capture/replay KNX telegram to local KNX Bus-System | 7.8 |