Total
89 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-0547 | 3 Debian, Fedoraproject, Openvpn | 3 Debian Linux, Fedora, Openvpn | 2025-04-23 | 7.5 HIGH | 9.8 CRITICAL |
| OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins when more than one of them makes use of deferred authentication replies, which allows an external user to be granted access with only partially correct credentials. | |||||
| CVE-2025-31161 | 1 Crushftp | 1 Crushftp | 2025-04-21 | N/A | 9.8 CRITICAL |
| CrushFTP 10 before 10.8.4 and 11 before 11.3.1 allows authentication bypass and takeover of the crushadmin account (unless a DMZ proxy instance is used), as exploited in the wild in March and April 2025, aka "Unauthenticated HTTP(S) port access." A race condition exists in the AWS4-HMAC (compatible with S3) authorization method of the HTTP component of the FTP server. The server first verifies the existence of the user by performing a call to login_user_pass() with no password requirement. This will authenticate the session through the HMAC verification process and up until the server checks for user verification once more. The vulnerability can be further stabilized, eliminating the need for successfully triggering a race condition, by sending a mangled AWS4-HMAC header. By providing only the username and a following slash (/), the server will successfully find a username, which triggers the successful anypass authentication process, but the server will fail to find the expected SignedHeaders entry, resulting in an index-out-of-bounds error that stops the code from reaching the session cleanup. Together, these issues make it trivial to authenticate as any known or guessable user (e.g., crushadmin), and can lead to a full compromise of the system by obtaining an administrative account. | |||||
| CVE-2023-34124 | 1 Sonicwall | 2 Analytics, Global Management System | 2025-04-08 | N/A | 9.8 CRITICAL |
| The authentication mechanism in SonicWall GMS and Analytics Web Services had insufficient checks, allowing authentication bypass. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions. | |||||
| CVE-2025-30428 | 1 Apple | 2 Ipados, Iphone Os | 2025-04-07 | N/A | 5.4 MEDIUM |
| This issue was addressed through improved state management. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6. Photos in the Hidden Photos Album may be viewed without authentication. | |||||
| CVE-2025-31192 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2025-04-07 | N/A | 6.7 MEDIUM |
| The issue was addressed with improved checks. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4. A website may be able to access sensor information without user consent. | |||||
| CVE-2022-3100 | 2 Openstack, Redhat | 5 Barbican, Enterprise Linux Eus, Openstack and 2 more | 2025-04-03 | N/A | 5.9 MEDIUM |
| A flaw was found in the openstack-barbican component. This issue allows an access policy bypass via a query string when accessing the API. | |||||
| CVE-2024-12776 | 2025-03-20 | N/A | 8.1 HIGH | ||
| In langgenius/dify v0.10.1, the `/forgot-password/resets` endpoint does not verify the password reset code, allowing an attacker to reset the password of any user, including administrators. This vulnerability can lead to a complete compromise of the application. | |||||
| CVE-2025-27371 | 2025-03-07 | N/A | 6.9 MEDIUM | ||
| In certain IETF OAuth 2.0-related specifications, when the JSON Web Token Profile for OAuth 2.0 Client Authentication mechanism is used, there are ambiguities in the audience values of JWTs sent to authorization servers. The affected RFCs may include RFC 7523, and also RFC 7521, RFC 7522, RFC 9101 (JAR), and RFC 9126 (PAR). | |||||
| CVE-2025-27370 | 2025-03-07 | N/A | 6.9 MEDIUM | ||
| OpenID Connect Core through 1.0 errata set 2 allows audience injection in certain situations. When the private_key_jwt authentication mechanism is used, a malicious Authorization Server could trick a Client into writing attacker-controlled values into the audience, including token endpoints or issuer identifiers of other Authorization Servers. The malicious Authorization Server could then use these private key JWTs to impersonate the Client. | |||||
| CVE-2025-1880 | 2025-03-03 | 1.2 LOW | 2.0 LOW | ||
| A vulnerability was found in i-Drive i11 and i12 up to 20250227. It has been classified as problematic. Affected is an unknown function of the component Device Pairing. The manipulation leads to authentication bypass by primary weakness. It is possible to launch the attack on the physical device. The complexity of an attack is rather high. The exploitability is told to be difficult. It was not possible to identify the current maintainer of the product. It must be assumed that the product is end-of-life. | |||||
| CVE-2025-23017 | 2025-02-24 | N/A | 6.0 MEDIUM | ||
| WorkOS Hosted AuthKit before 2025-01-07 allows a password authentication MFA bypass (by enrolling a new authentication factor) when the attacker knows the user's password. No exploitation occurred. | |||||
| CVE-2023-27536 | 5 Debian, Fedoraproject, Haxx and 2 more | 14 Debian Linux, Fedora, Libcurl and 11 more | 2025-02-14 | N/A | 5.9 MEDIUM |
| An authentication bypass vulnerability exists libcurl <8.0.0 in the connection reuse feature which can reuse previously established connections with incorrect user permissions due to a failure to check for changes in the CURLOPT_GSSAPI_DELEGATION option. This vulnerability affects krb5/kerberos/negotiate/GSSAPI transfers and could potentially result in unauthorized access to sensitive information. The safest option is to not reuse connections if the CURLOPT_GSSAPI_DELEGATION option has been changed. | |||||
| CVE-2024-12054 | 2025-02-13 | N/A | 5.4 MEDIUM | ||
| ZF Roll Stability Support Plus (RSSPlus) is vulnerable to an authentication bypass vulnerability targeting deterministic RSSPlus SecurityAccess service seeds, which may allow an attacker to remotely (proximal/adjacent with RF equipment or via pivot from J2497 telematics devices) call diagnostic functions intended for workshop or repair scenarios. This can impact system availability, potentially degrading performance or erasing software, however the vehicle remains in a safe vehicle state. | |||||
| CVE-2024-12582 | 2025-02-13 | N/A | 7.1 HIGH | ||
| A flaw was found in the skupper console, a read-only interface that renders cluster network, traffic details, and metrics for a network application that a user sets up across a hybrid multi-cloud environment. When the default authentication method is used, a random password is generated for the "admin" user and is persisted in either a Kubernetes secret or a podman volume in a plaintext file. This authentication method can be manipulated by an attacker, leading to the reading of any user-readable file in the container filesystem, directly impacting data confidentiality. Additionally, the attacker may induce skupper to read extremely large files into memory, resulting in resource exhaustion and a denial of service attack. | |||||
| CVE-2023-28727 | 1 Panasonic | 2 Aiseg2, Aiseg2 Firmware | 2025-02-12 | N/A | 9.6 CRITICAL |
| Panasonic AiSEG2 versions 2.00J through 2.93A allows adjacent attackers bypass authentication due to mishandling of X-Forwarded-For headers. | |||||
| CVE-2024-1403 | 1 Progress | 1 Openedge | 2025-02-11 | N/A | 10.0 CRITICAL |
| In OpenEdge Authentication Gateway and AdminServer prior to 11.7.19, 12.2.14, 12.8.1 on all platforms supported by the OpenEdge product, an authentication bypass vulnerability has been identified. The vulnerability is a bypass to authentication based on a failure to properly handle username and password. Certain unexpected content passed into the credentials can lead to unauthorized access without proper authentication. | |||||
| CVE-2024-6637 | 1 Wpwebelite | 1 Woocommerce Social Login | 2025-02-11 | N/A | 7.3 HIGH |
| The WooCommerce - Social Login plugin for WordPress is vulnerable to unauthenticated privilege escalation in all versions up to, and including, 2.7.3. This is due to a lack of brute force controls on a weak one-time password. This makes it possible for unauthenticated attackers to brute force the one-time password for any user, except an Administrator, if they know the email of user. | |||||
| CVE-2024-42513 | 2025-02-10 | N/A | 5.3 MEDIUM | ||
| Vulnerability in the OPC UA .NET Standard Stack before 1.5.374.158 allows an unauthorized attacker to bypass application authentication when using HTTPS endpoints. | |||||
| CVE-2023-28126 | 1 Ivanti | 1 Avalanche | 2025-01-29 | N/A | 5.9 MEDIUM |
| An authentication bypass vulnerability exists in Avalanche versions 6.3.x and below that could allow an attacker to gain access by exploiting the SetUser method or can exploit the Race Condition in the authentication message. | |||||
| CVE-2021-26102 | 1 Fortinet | 1 Fortiwan | 2025-01-21 | N/A | 9.8 CRITICAL |
| A relative path traversal vulnerability (CWE-23) in FortiWAN version 4.5.7 and below, 4.4 all versions may allow a remote non-authenticated attacker to delete files on the system by sending a crafted POST request. In particular, deleting specific configuration files will reset the Admin password to its default value. | |||||