Vulnerabilities > Authentication Bypass by Spoofing
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-04-05 | CVE-2017-12095 | Authentication Bypass by Spoofing vulnerability in Meetcircle Circle With Disney Firmware 2.0.1 An exploitable vulnerability exists in the WiFi Access Point feature of Circle with Disney running firmware 2.0.1. | 3.3 |
| 2018-02-16 | CVE-2017-18190 | Authentication Bypass by Spoofing vulnerability in multiple products A localhost.localdomain whitelist entry in valid_host() in scheduler/client.c in CUPS before 2.2.2 allows remote attackers to execute arbitrary IPP commands by sending POST requests to the CUPS daemon in conjunction with DNS rebinding. | 5.0 |
| 2017-12-27 | CVE-2017-16897 | Authentication Bypass by Spoofing vulnerability in Auth0 Passport-Wsfed-Saml2 A vulnerability has been discovered in the Auth0 passport-wsfed-saml2 library affecting versions < 3.0.5. | 9.3 |
| 2017-12-01 | CVE-2017-14487 | Authentication Bypass by Spoofing vulnerability in Ohmibod Remote The OhMiBod Remote app for Android and iOS allows remote attackers to impersonate users by sniffing network traffic for search responses from the OhMiBod API server and then editing the username, user_id, and token fields in data/data/com.ohmibod.remote2/shared_prefs/OMB.xml. | 6.4 |
| 2017-11-07 | CVE-2017-12096 | Authentication Bypass by Spoofing vulnerability in Meetcircle Circle With Disney Firmware 2.0.1 An exploitable vulnerability exists in the WiFi management of Circle with Disney. | 6.5 |
| 2017-11-01 | CVE-2017-14375 | Authentication Bypass by Spoofing vulnerability in multiple products EMC Unisphere for VMAX Virtual Appliance (vApp) versions prior to 8.4.0.15, EMC Solutions Enabler Virtual Appliance versions prior to 8.4.0.15, EMC VASA Virtual Appliance versions prior to 8.4.0.512, and EMC VMAX Embedded Management (eManagement) versions prior to and including 1.4 (Enginuity Release 5977.1125.1125 and earlier) contain an authentication bypass vulnerability that may potentially be exploited by malicious users to compromise the affected system. | 10.0 |
| 2017-07-28 | CVE-2017-11717 | Authentication Bypass by Spoofing vulnerability in Metinfo Project Metinfo MetInfo through 5.3.17 accepts the same CAPTCHA response for 120 seconds, which makes it easier for remote attackers to bypass intended challenge requirements by modifying the client-server data stream, as demonstrated by the login/findpass page. | 5.0 |
| 2017-05-17 | CVE-2017-8422 | Authentication Bypass by Spoofing vulnerability in KDE Kauth and Kdelibs KDE kdelibs before 4.14.32 and KAuth before 5.34 allow local users to gain root privileges by spoofing a callerID and leveraging a privileged helper app. | 7.2 |
| 2017-03-02 | CVE-2017-6405 | Authentication Bypass by Spoofing vulnerability in Veritas Netbackup and Netbackup Appliance An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier. | 5.0 |
| 2009-08-14 | CVE-2009-1048 | Authentication Bypass by Spoofing vulnerability in Snom products The web interface on the snom VoIP phones snom 300, snom 320, snom 360, snom 370, and snom 820 with firmware 6.5 before 6.5.20, 7.1 before 7.1.39, and 7.3 before 7.3.14 allows remote attackers to bypass authentication, and reconfigure the phone or make arbitrary use of the phone, via a (1) http or (2) https request with 127.0.0.1 in the Host header. | 9.8 |