Vulnerabilities > Authentication Bypass by Spoofing
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-09-17 | CVE-2019-16378 | Authentication Bypass by Spoofing vulnerability in multiple products OpenDMARC through 1.3.2 and 1.4.x through 1.4.0-Beta1 is prone to a signature-bypass vulnerability with multiple From: addresses, which might affect applications that consider a domain name to be relevant to the origin of an e-mail message. | 9.8 |
2019-05-22 | CVE-2018-7842 | Authentication Bypass by Spoofing vulnerability in Schneider-Electric products A CWE-290: Authentication Bypass by Spoofing vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause an elevation of privilege by conducting a brute force attack on Modbus parameters sent to the controller. | 9.8 |
2019-04-10 | CVE-2019-0283 | Authentication Bypass by Spoofing vulnerability in SAP Netweaver Process Integration SAP NetWeaver Process Integration (Adapter Engine), fixed in versions 7.10 to 7.11, 7.30, 7.31, 7.40, 7.50; is vulnerable to Digital Signature Spoofing. | 7.1 |
2019-04-05 | CVE-2019-10875 | Authentication Bypass by Spoofing vulnerability in MI Browser and Mint Browser A URL spoofing vulnerability was found in all international versions of Xiaomi Mi browser 10.5.6-g (aka the MIUI native browser) and Mint Browser 1.5.3 due to the way they handle the "q" query parameter. | 6.5 |
2019-02-11 | CVE-2018-15588 | Authentication Bypass by Spoofing vulnerability in Freron Mailmate MailMate before 1.11.3 mishandles a suspicious HTML/MIME structure in a signed/encrypted email. | 7.5 |
2019-02-01 | CVE-2018-16483 | Authentication Bypass by Spoofing vulnerability in Express-Cart Project Express-Cart A deficiency in the access control in module express-cart <=1.1.5 allows unprivileged users to add new users to the application as administrators. | 8.8 |
2018-09-19 | CVE-2018-3829 | Authentication Bypass by Spoofing vulnerability in Elastic Cloud Enterprise In Elastic Cloud Enterprise (ECE) versions prior to 1.1.4 it was discovered that a user could scale out allocators on new hosts with an invalid roles token. | 5.3 |
2018-09-13 | CVE-2018-8425 | Authentication Bypass by Spoofing vulnerability in Microsoft Edge A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content, aka "Microsoft Edge Spoofing Vulnerability." This affects Microsoft Edge. | 4.3 |
2018-09-06 | CVE-2018-1695 | Authentication Bypass by Spoofing vulnerability in IBM Websphere Application Server 7.0.0.0/8.0.0.0/8.5.5.0 IBM WebSphere Application Server 7.0, 8.0, and 8.5.5 installations using Form Login could allow a remote attacker to conduct spoofing attacks. | 5.6 |
2018-08-15 | CVE-2018-8388 | Authentication Bypass by Spoofing vulnerability in Microsoft Edge A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content, aka "Microsoft Edge Spoofing Vulnerability." This affects Microsoft Edge. | 4.3 |