Vulnerabilities > Authentication Bypass by Spoofing
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-12 | CVE-2024-6678 | Authentication Bypass by Spoofing vulnerability in Gitlab An issue was discovered in GitLab CE/EE affecting all versions starting from 8.14 prior to 17.1.7, starting from 17.2 prior to 17.2.5, and starting from 17.3 prior to 17.3.2, which allows an attacker to trigger a pipeline as an arbitrary user under certain circumstances. | 8.8 |
| 2024-09-10 | CVE-2024-44104 | Authentication Bypass by Spoofing vulnerability in Ivanti Workspace Control An incorrectly implemented authentication scheme that is subjected to a spoofing attack in the management console of Ivanti Workspace Control version 10.18.0.0 and below allows a local authenticated attacker to escalate their privileges. | 7.8 |
| 2024-08-23 | CVE-2024-42364 | Authentication Bypass by Spoofing vulnerability in Gethomepage Homepage 0.9.1 Homepage is a highly customizable homepage with Docker and service API integrations. | 6.5 |
| 2024-08-07 | CVE-2024-41432 | Authentication Bypass by Spoofing vulnerability in Likeshop 2.5.7.20210311 An IP Spoofing vulnerability has been discovered in Likeshop up to 2.5.7.20210811. | 5.3 |
| 2024-07-19 | CVE-2024-41107 | Authentication Bypass by Spoofing vulnerability in Apache Cloudstack The CloudStack SAML authentication (disabled by default) does not enforce signature check. | 8.1 |
| 2024-07-08 | CVE-2024-6163 | Authentication Bypass by Spoofing vulnerability in Checkmk Certain http endpoints of Checkmk in Checkmk < 2.3.0p10 < 2.2.0p31, < 2.1.0p46, <= 2.0.0p39 allows remote attacker to bypass authentication and access data | 5.3 |
| 2024-06-10 | CVE-2024-35749 | Authentication Bypass by Spoofing vulnerability in Acurax Under Construction / Maintenance Mode 2.6 Authentication Bypass by Spoofing vulnerability in Acurax Under Construction / Maintenance Mode from Acurax allows Authentication Bypass.This issue affects Under Construction / Maintenance Mode from Acurax: from n/a through 2.6. | 5.3 |
| 2024-06-05 | CVE-2024-5037 | Authentication Bypass by Spoofing vulnerability in Redhat products A flaw was found in OpenShift's Telemeter. | 7.5 |
| 2024-05-29 | CVE-2024-4358 | Authentication Bypass by Spoofing vulnerability in Telerik Report Server 2024 In Progress Telerik Report Server, version 2024 Q1 (10.0.24.305) or earlier, on IIS, an unauthenticated attacker can gain access to Telerik Report Server restricted functionality via an authentication bypass vulnerability. | 9.8 |
| 2024-02-08 | CVE-2023-7169 | Authentication Bypass by Spoofing vulnerability in Snowsoftware Snow Inventory Agent Authentication Bypass by Spoofing vulnerability in Snow Software Snow Inventory Agent on Windows allows Signature Spoof.This issue affects Snow Inventory Agent: through 6.14.5. | 5.5 |