Vulnerabilities > Authentication Bypass by Spoofing
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-25 | CVE-2020-6810 | Authentication Bypass by Spoofing vulnerability in Mozilla Firefox After a website had entered fullscreen mode, it could have used a previously opened popup to obscure the notification that indicates the browser is in fullscreen mode. | 4.3 |
| 2020-03-25 | CVE-2020-6808 | Authentication Bypass by Spoofing vulnerability in Mozilla Firefox When a JavaScript URL (javascript:) is evaluated and the result is a string, this string is parsed to create an HTML document, which is then presented. | 6.5 |
| 2020-03-22 | CVE-2020-10807 | Authentication Bypass by Spoofing vulnerability in Mitre Caldera auth_svc in Caldera before 2.6.5 allows authentication bypass (for REST API requests) via a forged "localhost" string in the HTTP Host header. | 5.3 |
| 2020-03-18 | CVE-2019-12131 | Authentication Bypass by Spoofing vulnerability in Onap Open Network Automation Platform An issue was detected in ONAP APPC through Dublin and SDC through Dublin. | 9.1 |
| 2020-02-20 | CVE-2019-11189 | Authentication Bypass by Spoofing vulnerability in Opennetworking Onos Authentication Bypass by Spoofing in org.onosproject.acl (access control) and org.onosproject.mobility (host mobility) in ONOS v2.0 and earlier allows attackers to bypass network access control via data plane packet injection. | 7.5 |
| 2020-01-02 | CVE-2019-20203 | Authentication Bypass by Spoofing vulnerability in Postieplugin Postie The Authorized Addresses feature in the Postie plugin 1.9.40 for WordPress allows remote attackers to publish posts by spoofing the From information of an email message. | 5.3 |
| 2019-12-19 | CVE-2019-16871 | Authentication Bypass by Spoofing vulnerability in Beckhoff Twincat 2.0/3.0/3.1 Beckhoff Embedded Windows PLCs through 3.1.4024.0, and Beckhoff Twincat on Windows Engineering stations, allow an attacker to achieve Remote Code Execution (as SYSTEM) via the Beckhoff ADS protocol. | 9.8 |
| 2019-12-16 | CVE-2019-18259 | Authentication Bypass by Spoofing vulnerability in Omron PLC CJ Firmware and PLC CS Firmware In Omron PLC CJ series, all versions and Omron PLC CS series, all versions, an attacker could spoof arbitrary messages or execute commands. | 9.8 |
| 2019-11-25 | CVE-2019-13715 | Authentication Bypass by Spoofing vulnerability in multiple products Insufficient validation of untrusted input in Omnibox in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. | 4.3 |
| 2019-11-25 | CVE-2019-13709 | Authentication Bypass by Spoofing vulnerability in multiple products Insufficient policy enforcement in downloads in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to bypass download restrictions via a crafted HTML page. | 6.5 |