Vulnerabilities > Authentication Bypass by Capture-replay

DATE CVE VULNERABILITY TITLE RISK
2020-07-23 CVE-2020-15688 Authentication Bypass by Capture-replay vulnerability in Embedthis Goahead
The HTTP Digest Authentication in the GoAhead web server before 5.1.2 does not completely protect against replay attacks.
network
low complexity
embedthis CWE-294
8.8
2020-07-14 CVE-2020-10045 Authentication Bypass by Capture-replay vulnerability in Siemens products
A vulnerability has been identified in SICAM MMU (All versions < V2.05), SICAM SGU (All versions), SICAM T (All versions < V2.18).
network
siemens CWE-294
6.8
2020-07-10 CVE-2020-4042 Authentication Bypass by Capture-replay vulnerability in Bareos
Bareos before version 19.2.8 and earlier allows a malicious client to communicate with the director without knowledge of the shared secret if the director allows client-initiated connections and connects to the client itself.
network
bareos CWE-294
4.3
2020-06-23 CVE-2020-9438 Authentication Bypass by Capture-replay vulnerability in Tinxy Smart Wifi Door Lock Firmware
Tinxy Door Lock with firmware before 3.2 allows attackers to unlock a door by replaying an Unlock request that occurred when the attacker was previously authorized.
network
high complexity
tinxy CWE-294
5.9
2020-05-07 CVE-2020-12692 Authentication Bypass by Capture-replay vulnerability in multiple products
An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0.
network
low complexity
openstack canonical CWE-294
5.5
2020-04-06 CVE-2020-5300 Authentication Bypass by Capture-replay vulnerability in ORY Hydra
In Hydra (an OAuth2 Server and OpenID Certified™ OpenID Connect Provider written in Go), before version 1.4.0+oryOS.17, when using client authentication method 'private_key_jwt' [1], the OpenID specification says the following about assertion `jti`: "A unique identifier for the token, which can be used to prevent reuse of the token.
network
ory CWE-294
3.5
2020-03-25 CVE-2020-5261 Authentication Bypass by Capture-replay vulnerability in Sustainsys Saml2
Saml2 Authentication services for ASP.NET (NuGet package Sustainsys.Saml2) greater than 2.0.0, and less than version 2.5.0 has a faulty implementation of Token Replay Detection.
4.9
2020-03-24 CVE-2020-6972 Authentication Bypass by Capture-replay vulnerability in Honeywell Notifier Webserver 3.50
In Notifier Web Server (NWS) Version 3.50 and earlier, the Honeywell Fire Web Server’s authentication may be bypassed by a capture-replay attack from a web browser.
network
low complexity
honeywell CWE-294
6.4
2020-03-23 CVE-2019-20626 Authentication Bypass by Capture-replay vulnerability in Honda Hr-V 2017 Firmware
The remote keyless system on Honda HR-V 2017 vehicles sends the same RF signal for each door-open request, which might allow a replay attack.
low complexity
honda CWE-294
6.5
2020-03-05 CVE-2020-10185 Authentication Bypass by Capture-replay vulnerability in Yubico Yubikey ONE Time Password Validation Server
The sync endpoint in YubiKey Validation Server before 2.40 allows remote attackers to replay an OTP.
network
yubico CWE-294
6.8