Vulnerabilities > Authentication Bypass by Spoofing
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-06 | CVE-2020-19003 | Authentication Bypass by Spoofing vulnerability in Liftoffsoftware Gate ONE 1.2.0 An issue in Gate One 1.2.0 allows attackers to bypass to the verification check done by the origins list and connect to Gate One instances used by hosts not on the origins list. | 5.3 |
| 2021-09-27 | CVE-2021-41753 | Authentication Bypass by Spoofing vulnerability in Dlink Dir-X1560 Firmware and Dir-X6060 Firmware A denial-of-service attack in WPA2, and WPA3-SAE authentication methods in D-Link DIR-X1560, v1.04B04, and DIR-X6060, v1.11B04 allows a remote unauthenticated attacker to disconnect a wireless client via sending specific spoofed SAE authentication frames. | 7.5 |
| 2021-09-13 | CVE-2021-40823 | Authentication Bypass by Spoofing vulnerability in Matrix Javascript SDK A logic error in the room key sharing functionality of matrix-js-sdk (aka Matrix Javascript SDK) before 12.4.1 allows a malicious Matrix homeserver present in an encrypted room to steal room encryption keys (via crafted Matrix protocol messages) that were originally sent by affected Matrix clients participating in that room. | 5.9 |
| 2021-09-13 | CVE-2021-40824 | Authentication Bypass by Spoofing vulnerability in Matrix Element and Matrix-Android-Sdk2 A logic error in the room key sharing functionality of Element Android before 1.2.2 and matrix-android-sdk2 (aka Matrix SDK for Android) before 1.2.2 allows a malicious Matrix homeserver present in an encrypted room to steal room encryption keys (via crafted Matrix protocol messages) that were originally sent by affected Matrix clients participating in that room. | 5.9 |
| 2021-09-13 | CVE-2020-27970 | Authentication Bypass by Spoofing vulnerability in Yandex Browser Yandex Browser before 20.10.0 allows remote attackers to spoof the address bar | 5.3 |
| 2021-09-13 | CVE-2021-40867 | Authentication Bypass by Spoofing vulnerability in Netgear products Certain NETGEAR smart switches are affected by an authentication hijacking race-condition vulnerability by an unauthenticated attacker who uses the same source IP address as an admin in the process of logging in (e.g., behind the same NAT device, or already in possession of a foothold on an admin's machine). | 7.1 |
| 2021-09-03 | CVE-2021-30619 | Authentication Bypass by Spoofing vulnerability in multiple products Chromium: CVE-2021-30619 UI Spoofing in Autofill | 6.5 |
| 2021-09-03 | CVE-2021-30621 | Authentication Bypass by Spoofing vulnerability in multiple products Chromium: CVE-2021-30621 UI Spoofing in Autofill | 6.5 |
| 2021-08-26 | CVE-2021-32076 | Authentication Bypass by Spoofing vulnerability in Solarwinds web Help Desk Access Restriction Bypass via referrer spoof was discovered in SolarWinds Web Help Desk 12.7.2. | 5.3 |
| 2021-08-23 | CVE-2021-38598 | Authentication Bypass by Spoofing vulnerability in Openstack Neutron OpenStack Neutron before 16.4.1, 17.x before 17.1.3, and 18.0.0 allows hardware address impersonation when the linuxbridge driver with ebtables-nft is used on a Netfilter-based platform. | 9.1 |