Vulnerabilities > Authentication Bypass by Spoofing
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-05-13 | CVE-2020-2002 | Authentication Bypass by Spoofing vulnerability in Paloaltonetworks Pan-Os An authentication bypass by spoofing vulnerability exists in the authentication daemon and User-ID components of Palo Alto Networks PAN-OS by failing to verify the integrity of the Kerberos key distribution center (KDC) before authenticating users. | 6.8 |
| 2020-04-30 | CVE-2020-11015 | Authentication Bypass by Spoofing vulnerability in Thinx-Device-Api Project Thinx-Device-Api A vulnerability has been disclosed in thinx-device-api IoT Device Management Server before version 2.5.0. | 9.1 |
| 2020-04-27 | CVE-2020-12272 | Authentication Bypass by Spoofing vulnerability in multiple products OpenDMARC through 1.3.2 and 1.4.x allows attacks that inject authentication results to provide false information about the domain that originated an e-mail message. | 5.3 |
| 2020-04-27 | CVE-2019-20790 | Authentication Bypass by Spoofing vulnerability in multiple products OpenDMARC through 1.3.2 and 1.4.x, when used with pypolicyd-spf 2.0.2, allows attacks that bypass SPF and DMARC authentication in situations where the HELO field is inconsistent with the MAIL FROM field. | 9.8 |
| 2020-04-08 | CVE-2020-4290 | Authentication Bypass by Spoofing vulnerability in IBM Security Information Queue IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, 1.0.2, 1.0.3, 1.0.4, and 1.0.5 could allow any authenticated user to spoof the configuration owner of any other user which disclose sensitive information or allow for unauthorized access. | 5.5 |
| 2020-03-25 | CVE-2020-6810 | Authentication Bypass by Spoofing vulnerability in Mozilla Firefox After a website had entered fullscreen mode, it could have used a previously opened popup to obscure the notification that indicates the browser is in fullscreen mode. | 4.3 |
| 2020-03-25 | CVE-2020-6808 | Authentication Bypass by Spoofing vulnerability in Mozilla Firefox When a JavaScript URL (javascript:) is evaluated and the result is a string, this string is parsed to create an HTML document, which is then presented. | 4.3 |
| 2020-03-18 | CVE-2019-12131 | Authentication Bypass by Spoofing vulnerability in Onap Open Network Automation Platform 3.0.0/3.0.1/3.0.2 An issue was detected in ONAP APPC through Dublin and SDC through Dublin. | 6.4 |
| 2020-02-20 | CVE-2019-11189 | Authentication Bypass by Spoofing vulnerability in Opennetworking Onos Authentication Bypass by Spoofing in org.onosproject.acl (access control) and org.onosproject.mobility (host mobility) in ONOS v2.0 and earlier allows attackers to bypass network access control via data plane packet injection. | 5.0 |
| 2020-01-02 | CVE-2019-20203 | Authentication Bypass by Spoofing vulnerability in Postieplugin Postie The Authorized Addresses feature in the Postie plugin 1.9.40 for WordPress allows remote attackers to publish posts by spoofing the From information of an email message. | 5.0 |