Vulnerabilities > Authentication Bypass by Spoofing

DATE CVE VULNERABILITY TITLE RISK
2021-05-07 CVE-2020-36128 Authentication Bypass by Spoofing vulnerability in Paxtechnology Paxstore
Pax Technology PAXSTORE v7.0.8_20200511171508 and lower is affected by a token spoofing vulnerability.
network
low complexity
paxtechnology CWE-290
6.4
2021-04-27 CVE-2021-29441 Authentication Bypass by Spoofing vulnerability in Alibaba Nacos
Nacos is a platform designed for dynamic service discovery and configuration and service management.
network
low complexity
alibaba CWE-290
7.5
2021-04-27 CVE-2020-22001 Authentication Bypass by Spoofing vulnerability in Homeautomation Project Homeautomation 3.3.2
HomeAutomation 3.3.2 suffers from an authentication bypass vulnerability when spoofing client IP address using the X-Forwarded-For header with the local (loopback) IP address value allowing remote control of the smart home solution.
network
low complexity
homeautomation-project CWE-290
critical
9.8
2021-04-26 CVE-2021-21216 Authentication Bypass by Spoofing vulnerability in multiple products
Inappropriate implementation in Autofill in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to spoof security UI via a crafted HTML page.
network
low complexity
google debian fedoraproject CWE-290
6.5
2021-04-26 CVE-2021-21215 Authentication Bypass by Spoofing vulnerability in multiple products
Inappropriate implementation in Autofill in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to spoof security UI via a crafted HTML page.
network
low complexity
google debian fedoraproject CWE-290
6.5
2021-04-22 CVE-2021-0232 Authentication Bypass by Spoofing vulnerability in multiple products
An authentication bypass vulnerability in the Juniper Networks Paragon Active Assurance Control Center may allow an attacker with specific information about the deployment to mimic an already registered Test Agent and access its configuration including associated inventory details.
network
high complexity
juniper fedoraproject CWE-290
7.4
2021-04-01 CVE-2021-22890 Authentication Bypass by Spoofing vulnerability in multiple products
curl 7.63.0 to and including 7.75.0 includes vulnerability that allows a malicious HTTPS proxy to MITM a connection due to bad handling of TLS 1.3 session tickets.
3.7
2021-03-31 CVE-2021-23984 Authentication Bypass by Spoofing vulnerability in Mozilla Firefox
A malicious extension could have opened a popup window lacking an address bar.
network
mozilla CWE-290
4.3
2021-02-27 CVE-2019-25023 Authentication Bypass by Spoofing vulnerability in Scytl Secure Vote 2.1
An issue was discovered in Scytl sVote 2.1.
network
low complexity
scytl CWE-290
6.4
2021-02-11 CVE-2021-21310 Authentication Bypass by Spoofing vulnerability in Nextauth.Js Next-Auth
NextAuth.js (next-auth) is am open source authentication solution for Next.js applications.
4.3