Vulnerabilities > Authentication Bypass by Spoofing

DATE CVE VULNERABILITY TITLE RISK
2023-10-23 CVE-2023-28803 Authentication Bypass by Spoofing vulnerability in Zscaler Client Connector
An authentication bypass by spoofing of a device with a synthetic IP address is possible in Zscaler Client Connector on Windows, allowing a functionality bypass.
low complexity
zscaler CWE-290
6.5
2023-10-10 CVE-2023-30803 Authentication Bypass by Spoofing vulnerability in Sangfor Next-Gen Application Firewall 8.0.17
The Sangfor Next-Gen Application Firewall version NGAF8.0.17 is vulnerable to an authentication bypass vulnerability.
network
low complexity
sangfor CWE-290
critical
9.8
2023-07-18 CVE-2023-34329 Authentication Bypass by Spoofing vulnerability in AMI Megarac Sp-X 12/13
AMI MegaRAC SPx12 contains a vulnerability in BMC where a User may cause an authentication bypass by spoofing the HTTP header.
low complexity
ami CWE-290
8.0
2023-07-06 CVE-2022-48513 Authentication Bypass by Spoofing vulnerability in Huawei Emui and Harmonyos
Vulnerability of identity verification being bypassed in the Gallery module.
network
low complexity
huawei CWE-290
critical
9.8
2023-07-01 CVE-2023-22814 Authentication Bypass by Spoofing vulnerability in Westerndigital MY Cloud OS
An authentication bypass issue via spoofing was discovered in the token-based authentication mechanism that could allow an attacker to carry out an impersonation attack. This issue affects My Cloud OS 5 devices: before 5.26.202.
network
low complexity
westerndigital CWE-290
critical
9.8
2023-06-28 CVE-2021-25827 Authentication Bypass by Spoofing vulnerability in Emby
Emby Server < 4.7.12.0 is vulnerable to a login bypass attack by setting the X-Forwarded-For header to a local IP-address.
network
low complexity
emby CWE-290
critical
9.8
2023-06-23 CVE-2023-27964 Authentication Bypass by Spoofing vulnerability in Apple Airpods Firmware 5E133
An authentication issue was addressed with improved state management.
low complexity
apple CWE-290
5.4
2023-06-22 CVE-2023-3128 Authentication Bypass by Spoofing vulnerability in Grafana
Grafana is validating Azure AD accounts based on the email claim.
network
low complexity
grafana CWE-290
critical
9.8
2023-06-19 CVE-2023-34158 Authentication Bypass by Spoofing vulnerability in Huawei Emui 12.0.0/13.0.0
Vulnerability of spoofing trustlists of Huawei desktop.Successful exploitation of this vulnerability can cause third-party apps to hide app icons on the desktop to prevent them from being uninstalled.
network
low complexity
huawei CWE-290
5.3
2023-06-19 CVE-2023-34160 Authentication Bypass by Spoofing vulnerability in Huawei Emui 12.0.0/13.0.0
Vulnerability of spoofing trustlists of Huawei desktop.Successful exploitation of this vulnerability can cause third-party apps to hide app icons on the desktop to prevent them from being uninstalled.
network
low complexity
huawei CWE-290
5.3