Vulnerabilities > Authentication Bypass by Spoofing
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-06 | CVE-2022-26505 | Authentication Bypass by Spoofing vulnerability in multiple products A DNS rebinding issue in ReadyMedia (formerly MiniDLNA) before 1.3.1 allows a remote web server to exfiltrate media files. | 7.4 |
| 2022-02-24 | CVE-2022-21142 | Authentication Bypass by Spoofing vulnerability in Appleple A-Blog CMS Authentication bypass vulnerability in a-blog cms Ver.2.8.x series versions prior to Ver.2.8.74, Ver.2.9.x series versions prior to Ver.2.9.39, Ver.2.10.x series versions prior to Ver.2.10.43, and Ver.2.11.x series versions prior to Ver.2.11.41 allows a remote unauthenticated attacker to bypass authentication under the specific condition. | 9.8 |
| 2022-02-11 | CVE-2022-24112 | Authentication Bypass by Spoofing vulnerability in Apache Apisix An attacker can abuse the batch-requests plugin to send requests to bypass the IP restriction of Admin API. | 9.8 |
| 2022-01-13 | CVE-2022-23131 | Authentication Bypass by Spoofing vulnerability in Zabbix In the case of instances where the SAML SSO authentication is enabled (non-default), session data can be modified by a malicious actor, because a user login stored in the session was not verified. | 9.8 |
| 2021-12-15 | CVE-2021-42320 | Authentication Bypass by Spoofing vulnerability in Microsoft Sharepoint Enterprise Server and Sharepoint Server Microsoft SharePoint Server Spoofing Vulnerability | 5.7 |
| 2021-12-14 | CVE-2021-43807 | Authentication Bypass by Spoofing vulnerability in Apereo Opencast Opencast is an Open Source Lecture Capture & Video Management for Education. | 6.5 |
| 2021-12-07 | CVE-2021-40288 | Authentication Bypass by Spoofing vulnerability in Tp-Link Archer Ax10 Firmware 230220/230508 A denial-of-service attack in WPA2, and WPA3-SAE authentication methods in TP-Link AX10v1 before V1_211014, allows a remote unauthenticated attacker to disconnect an already connected wireless client via sending with a wireless adapter specific spoofed authentication frames | 7.5 |
| 2021-11-24 | CVE-2021-42308 | Authentication Bypass by Spoofing vulnerability in Microsoft Edge Chromium Microsoft Edge (Chromium-based) Spoofing Vulnerability | 3.1 |
| 2021-11-24 | CVE-2021-43220 | Authentication Bypass by Spoofing vulnerability in Microsoft Edge IOS Microsoft Edge for iOS Spoofing Vulnerability | 3.1 |
| 2021-10-07 | CVE-2021-41130 | Authentication Bypass by Spoofing vulnerability in Google Extensible Service Proxy Extensible Service Proxy, a.k.a. | 5.4 |