Vulnerabilities > Authentication Bypass by Spoofing
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-12-04 | CVE-2024-54158 | Authentication Bypass by Spoofing vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2024.3.52635 potential spoofing attack was possible via lack of Punycode encoding | 5.3 |
| 2024-10-29 | CVE-2024-10462 | Authentication Bypass by Spoofing vulnerability in Mozilla Thunderbird Truncation of a long URL could have allowed origin spoofing in a permission prompt. | 6.5 |
| 2024-10-29 | CVE-2024-10465 | Authentication Bypass by Spoofing vulnerability in Mozilla Thunderbird A clipboard "paste" button could persist across tabs which allowed a spoofing attack. | 6.5 |
| 2024-10-11 | CVE-2024-45397 | Authentication Bypass by Spoofing vulnerability in Dena H2O h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3. | 7.5 |
| 2024-09-12 | CVE-2024-6678 | Authentication Bypass by Spoofing vulnerability in Gitlab An issue was discovered in GitLab CE/EE affecting all versions starting from 8.14 prior to 17.1.7, starting from 17.2 prior to 17.2.5, and starting from 17.3 prior to 17.3.2, which allows an attacker to trigger a pipeline as an arbitrary user under certain circumstances. | 8.8 |
| 2024-09-10 | CVE-2024-44104 | Authentication Bypass by Spoofing vulnerability in Ivanti Workspace Control An incorrectly implemented authentication scheme that is subjected to a spoofing attack in the management console of Ivanti Workspace Control version 10.18.0.0 and below allows a local authenticated attacker to escalate their privileges. | 7.8 |
| 2024-08-23 | CVE-2024-42364 | Authentication Bypass by Spoofing vulnerability in Gethomepage Homepage 0.9.1 Homepage is a highly customizable homepage with Docker and service API integrations. | 6.5 |
| 2024-08-07 | CVE-2024-41432 | Authentication Bypass by Spoofing vulnerability in Likeshop 2.5.7.20210311 An IP Spoofing vulnerability has been discovered in Likeshop up to 2.5.7.20210811. | 5.3 |
| 2024-07-08 | CVE-2024-6163 | Authentication Bypass by Spoofing vulnerability in Checkmk Certain http endpoints of Checkmk in Checkmk < 2.3.0p10 < 2.2.0p31, < 2.1.0p46, <= 2.0.0p39 allows remote attacker to bypass authentication and access data | 5.3 |
| 2024-06-11 | CVE-2024-5812 | Authentication Bypass by Spoofing vulnerability in Beyondtrust Beyondinsight Password Safe 24.1 A low severity vulnerability in BIPS has been identified where an attacker with high privileges or a compromised high privilege account can overwrite Read-Only smart rules via a specially crafted API request. | 2.7 |