Vulnerabilities > Authentication Bypass by Spoofing
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-13 | CVE-2021-40823 | Authentication Bypass by Spoofing vulnerability in Matrix Javascript SDK A logic error in the room key sharing functionality of matrix-js-sdk (aka Matrix Javascript SDK) before 12.4.1 allows a malicious Matrix homeserver present in an encrypted room to steal room encryption keys (via crafted Matrix protocol messages) that were originally sent by affected Matrix clients participating in that room. | 5.9 |
| 2021-09-13 | CVE-2021-40824 | Authentication Bypass by Spoofing vulnerability in Matrix Element and Matrix-Android-Sdk2 A logic error in the room key sharing functionality of Element Android before 1.2.2 and matrix-android-sdk2 (aka Matrix SDK for Android) before 1.2.2 allows a malicious Matrix homeserver present in an encrypted room to steal room encryption keys (via crafted Matrix protocol messages) that were originally sent by affected Matrix clients participating in that room. | 5.9 |
| 2021-09-13 | CVE-2020-27970 | Authentication Bypass by Spoofing vulnerability in Yandex Browser Yandex Browser before 20.10.0 allows remote attackers to spoof the address bar | 5.3 |
| 2021-09-13 | CVE-2021-40867 | Authentication Bypass by Spoofing vulnerability in Netgear products Certain NETGEAR smart switches are affected by an authentication hijacking race-condition vulnerability by an unauthenticated attacker who uses the same source IP address as an admin in the process of logging in (e.g., behind the same NAT device, or already in possession of a foothold on an admin's machine). | 7.1 |
| 2021-09-03 | CVE-2021-30619 | Authentication Bypass by Spoofing vulnerability in multiple products Chromium: CVE-2021-30619 UI Spoofing in Autofill | 6.5 |
| 2021-09-03 | CVE-2021-30621 | Authentication Bypass by Spoofing vulnerability in multiple products Chromium: CVE-2021-30621 UI Spoofing in Autofill | 6.5 |
| 2021-08-26 | CVE-2021-32076 | Authentication Bypass by Spoofing vulnerability in Solarwinds web Help Desk Access Restriction Bypass via referrer spoof was discovered in SolarWinds Web Help Desk 12.7.2. | 5.3 |
| 2021-08-23 | CVE-2021-38598 | Authentication Bypass by Spoofing vulnerability in Openstack Neutron OpenStack Neutron before 16.4.1, 17.x before 17.1.3, and 18.0.0 allows hardware address impersonation when the linuxbridge driver with ebtables-nft is used on a Netfilter-based platform. | 9.1 |
| 2021-08-17 | CVE-2021-28372 | Authentication Bypass by Spoofing vulnerability in Throughtek Kalay P2P Software Development KIT 3.1.5 ThroughTek's Kalay Platform 2.0 network allows an attacker to impersonate an arbitrary ThroughTek (TUTK) device given a valid 20-byte uniquely assigned identifier (UID). | 8.3 |
| 2021-07-26 | CVE-2021-32631 | Authentication Bypass by Spoofing vulnerability in Nimble-Project Common Common is a package of common modules that can be accessed by NIMBLE services. | 6.5 |