Vulnerabilities > Authentication Bypass by Capture-replay
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-07-02 | CVE-2020-23178 | Authentication Bypass by Capture-replay vulnerability in PHP-Fusion 9.03.50 An issue exists in PHP-Fusion 9.03.50 where session cookies are not deleted once a user logs out, allowing for an attacker to perform a session replay attack and impersonate the victim user. | 5.4 |
| 2021-06-08 | CVE-2020-28713 | Authentication Bypass by Capture-replay vulnerability in Nightowlsp Smart Doorbell Firmware 20190505 Incorrect access control in push notification service in Night Owl Smart Doorbell FW version 20190505 allows remote users to send push notification events via an exposed PNS server. | 6.5 |
| 2021-05-07 | CVE-2021-27572 | Authentication Bypass by Capture-replay vulnerability in Remotemouse Emote Remote Mouse An issue was discovered in Emote Remote Mouse through 4.0.0.0. | 8.1 |
| 2021-02-09 | CVE-2021-22267 | Authentication Bypass by Capture-replay vulnerability in HPE web Viewpoint Idelji Web ViewPoint Suite, as used in conjunction with HPE NonStop, allows a remote replay attack for T0320L01^ABP through T0320L01^ABZ, T0952L01^AAH through T0952L01^AAR, T0986L01 through T0986L01^AAF, T0665L01^AAP, and T0662L01^AAP (L) and T0320H01^ABO through T0320H01^ABY, T0952H01^AAG through T0952H01^AAQ, T0986H01 through T0986H01^AAE, T0665H01^AAO, and T0662H01^AAO (J and H). | 5.9 |
| 2021-02-08 | CVE-2021-25835 | Authentication Bypass by Capture-replay vulnerability in Chainsafe Ethermint Cosmos Network Ethermint <= v0.4.0 is affected by a cross-chain transaction replay vulnerability in the EVM module. | 7.5 |
| 2021-02-08 | CVE-2021-25834 | Authentication Bypass by Capture-replay vulnerability in Chainsafe Ethermint Cosmos Network Ethermint <= v0.4.0 is affected by a transaction replay vulnerability in the EVM module. | 7.5 |
| 2021-01-19 | CVE-2020-27269 | Authentication Bypass by Capture-replay vulnerability in Sooil products In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, the communication protocol of the insulin pump and its AnyDana-i and AnyDana-A mobile applications lacks replay protection measures, which allows unauthenticated, physically proximate attackers to replay communication sequences via Bluetooth Low Energy. | 5.7 |
| 2020-12-18 | CVE-2020-26172 | Authentication Bypass by Capture-replay vulnerability in Tangro Business Workflow 1.17.5 Every login in tangro Business Workflow before 1.18.1 generates the same JWT token, which allows an attacker to reuse the token when a session is active. | 6.5 |
| 2020-12-18 | CVE-2020-35551 | Authentication Bypass by Capture-replay vulnerability in Google Android An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Exynos chipsets) software. | 9.8 |
| 2020-12-15 | CVE-2020-14302 | Authentication Bypass by Capture-replay vulnerability in Redhat Keycloak A flaw was found in Keycloak before 13.0.0 where an external identity provider, after successful authentication, redirects to a Keycloak endpoint that accepts multiple invocations with the use of the same "state" parameter. | 4.9 |