Security Vulnerabilities, CVEs, related to CWE-287
CVE-2024-24496
Public exploit
An issue in Daily Habit Tracker v.1.0 allows a remote attacker to manipulate trackers via the home.php, add-tracker.php, delete-tracker.php, update-tracker.php components.
Max CVSS
9.8
EPSS Score
0.56%
Published
2024-02-08
Updated
2024-02-22
CVE-2023-50919
Public exploit
An issue was discovered on GL.iNet devices before version 4.5.0. There is an NGINX authentication bypass via Lua string pattern matching. This affects A1300 4.4.6, AX1800 4.4.6, AXT1800 4.4.6, MT3000 4.4.6, MT2500 4.4.6, MT6000 4.5.0, MT1300 4.3.7, MT300N-V2 4.3.7, AR750S 4.3.7, AR750 4.3.7, AR300M 4.3.7, and B1300 4.3.7.
Max CVSS
9.8
EPSS Score
0.11%
Published
2024-01-12
Updated
2024-01-24
CVE-2023-46805
Known exploited
Public exploit
An authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 22.x and Ivanti Policy Secure allows a remote attacker to access restricted resources by bypassing control checks.
Max CVSS
8.2
EPSS Score
96.56%
Published
2024-01-12
Updated
2024-01-22
CISA KEV Added
2024-01-10
CVE-2023-34124
Public exploit
The authentication mechanism in SonicWall GMS and Analytics Web Services had insufficient checks, allowing authentication bypass. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.
Max CVSS
9.8
EPSS Score
3.05%
Published
2023-07-13
Updated
2023-09-08
CVE-2023-28503
Public exploit
Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from an authentication bypass vulnerability, where a special username with a deterministic password can be leveraged to bypass authentication checks and execute OS commands as the root user.
Max CVSS
9.8
EPSS Score
2.33%
Published
2023-03-29
Updated
2023-04-12
CVE-2023-28121
Public exploit
An issue in WooCommerce Payments plugin for WordPress (versions 5.6.1 and lower) allows an unauthenticated attacker to send requests on behalf of an elevated user, like administrator. This allows a remote, unauthenticated attacker to gain admin access on a site that has the affected version of the plugin activated.
Max CVSS
9.8
EPSS Score
94.59%
Published
2023-04-12
Updated
2023-12-18
CVE-2023-5808
Public exploit
SMU versions prior to 14.8.7825.01 are susceptible to unintended information disclosure, through URL manipulation. Authenticated users in a Storage administrative role are able to access HNAS configuration backup and diagnostic data, that would normally be barred to that specific administrative role.
Max CVSS
7.6
EPSS Score
0.05%
Published
2023-12-05
Updated
2023-12-12
CVE-2022-37042
Known exploited
Public exploit
Zimbra Collaboration Suite (ZCS) 8.8.15 and 9.0 has mboximport functionality that receives a ZIP archive and extracts files from it. By bypassing authentication (i.e., not having an authtoken), an attacker can upload arbitrary files to the system, leading to directory traversal and remote code execution. NOTE: this issue exists because of an incomplete fix for CVE-2022-27925.
Max CVSS
9.8
EPSS Score
97.55%
Published
2022-08-12
Updated
2022-10-28
CISA KEV Added
2022-08-11
CVE-2022-22956
Public exploit
VMware Workspace ONE Access has two authentication bypass vulnerabilities (CVE-2022-22955 & CVE-2022-22956) in the OAuth2 ACS framework. A malicious actor may bypass the authentication mechanism and execute any operation due to exposed endpoints in the authentication framework.
Max CVSS
9.8
EPSS Score
0.21%
Published
2022-04-13
Updated
2023-04-19
CVE-2022-3218
Public exploit
Due to a reliance on client-side authentication, the WiFi Mouse (Mouse Server) from Necta LLC's authentication mechanism is trivially bypassed, which can result in remote code execution.
Max CVSS
9.8
EPSS Score
91.39%
Published
2022-09-19
Updated
2022-10-01
CVE-2022-0492
Public exploit
A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly.
Max CVSS
7.8
EPSS Score
9.52%
Published
2022-03-03
Updated
2023-12-07
CVE-2021-40539
Known exploited
Public exploit
Used for ransomware
Zoho ManageEngine ADSelfService Plus version 6113 and prior is vulnerable to REST API authentication bypass with resultant remote code execution.
Max CVSS
9.8
EPSS Score
97.50%
Published
2021-09-07
Updated
2021-11-29
CISA KEV Added
2021-11-03
CVE-2021-38648
Known exploited
Public exploit
Open Management Infrastructure Elevation of Privilege Vulnerability
Max CVSS
7.8
EPSS Score
96.24%
Published
2021-09-15
Updated
2023-12-28
CISA KEV Added
2021-11-03
CVE-2021-38647
Known exploited
Public exploit
Used for ransomware
Open Management Infrastructure Remote Code Execution Vulnerability
Max CVSS
9.8
EPSS Score
97.47%
Published
2021-09-15
Updated
2023-12-28
CISA KEV Added
2021-11-03
CVE-2021-34523
Known exploited
Public exploit
Used for ransomware
Microsoft Exchange Server Elevation of Privilege Vulnerability
Max CVSS
9.8
EPSS Score
78.22%
Published
2021-07-14
Updated
2024-02-13
CISA KEV Added
2021-11-03
CVE-2021-27878
Known exploited
Public exploit
Used for ransomware
An issue was discovered in Veritas Backup Exec before 21.2. The communication between a client and an Agent requires successful authentication, which is typically completed over a secure TLS communication. However, due to a vulnerability in the SHA Authentication scheme, an attacker is able to gain unauthorized access and complete the authentication process. Subsequently, the client can execute data management protocol commands on the authenticated connection. The attacker could use one of these commands to execute an arbitrary command on the system using system privileges.
Max CVSS
9.0
EPSS Score
69.84%
Published
2021-03-01
Updated
2022-09-27
CISA KEV Added
2023-04-07
CVE-2021-27877
Known exploited
Public exploit
Used for ransomware
An issue was discovered in Veritas Backup Exec before 21.2. It supports multiple authentication schemes: SHA authentication is one of these. This authentication scheme is no longer used in current versions of the product, but hadn't yet been disabled. An attacker could remotely exploit this scheme to gain unauthorized access to an Agent and execute privileged commands.
Max CVSS
9.8
EPSS Score
73.65%
Published
2021-03-01
Updated
2022-09-27
CISA KEV Added
2023-04-07
CVE-2021-27876
Known exploited
Public exploit
Used for ransomware
An issue was discovered in Veritas Backup Exec before 21.2. The communication between a client and an Agent requires successful authentication, which is typically completed over a secure TLS communication. However, due to a vulnerability in the SHA Authentication scheme, an attacker is able to gain unauthorized access and complete the authentication process. Subsequently, the client can execute data management protocol commands on the authenticated connection. By using crafted input parameters in one of these commands, an attacker can access an arbitrary file on the system using System privileges.
Max CVSS
8.1
EPSS Score
73.34%
Published
2021-03-01
Updated
2022-09-27
CISA KEV Added
2023-04-07
CVE-2021-25281
Public exploit
An issue was discovered in through SaltStack Salt before 3002.5. salt-api does not honor eauth credentials for the wheel_async client. Thus, an attacker can remotely run any wheel modules on the master.
Max CVSS
9.8
EPSS Score
87.41%
Published
2021-02-27
Updated
2023-12-21
CVE-2021-1472
Public exploit
Multiple vulnerabilities exist in the web-based management interface of Cisco Small Business RV Series Routers. A remote attacker could execute arbitrary commands or bypass authentication and upload files on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
Max CVSS
9.8
EPSS Score
97.17%
Published
2021-04-08
Updated
2022-08-05
CVE-2020-25592
Public exploit
In SaltStack Salt through 3002, salt-netapi improperly validates eauth credentials and tokens. A user can bypass authentication and invoke Salt SSH.
Max CVSS
9.8
EPSS Score
45.07%
Published
2020-11-06
Updated
2021-07-21
CVE-2020-9294
Public exploit
An improper authentication vulnerability in FortiMail 5.4.10, 6.0.7, 6.2.2 and earlier and FortiVoiceEntreprise 6.0.0 and 6.0.1 may allow a remote unauthenticated attacker to access the system as a legitimate user by requesting a password change via the user interface.
Max CVSS
9.8
EPSS Score
2.10%
Published
2020-04-27
Updated
2024-01-18
CVE-2020-8606
Public exploit
A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow remote attackers to bypass authentication on affected installations of Trend Micro InterScan Web Security Virtual Appliance.
Max CVSS
9.8
EPSS Score
97.23%
Published
2020-05-27
Updated
2022-06-02
CVE-2020-5849
Known exploited
Public exploit
Unraid 6.8.0 allows authentication bypass.
Max CVSS
7.5
EPSS Score
97.11%
Published
2020-03-16
Updated
2022-04-18
CISA KEV Added
2021-11-03
CVE-2020-0688
Known exploited
Public exploit
Used for ransomware
A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka 'Microsoft Exchange Memory Corruption Vulnerability'.
Max CVSS
9.0
EPSS Score
97.14%
Published
2020-02-11
Updated
2024-02-13
CISA KEV Added
2021-11-03
3461 vulnerabilities found
1
2
3
4
5
6 ......
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139