| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| An Improper Certificate Validation vulnerability could allow an authenticated malicious actor with access to UniFi Protect Cameras adjacent network to make unsupported changes to the camera system. |
| Infrahub offers a central hub to manage data, templates, and playbooks. Prior to versiond 1.3.9 and 1.4.5, a bug in the authentication logic will cause API tokens that were deleted and/or expired to be considered valid. This means that any API token that is associated with an active user account can authenticate successfully. This issue is fixed in versions 1.3.9 and 1.4.5. As a workaround, users can delete or deactivate the account associated with a deleted API token to prevent that token from authenticating. |
| An Authentication Bypass vulnerability in Blue Access' Cobalt X1 thru 02.000.187 allows an unauthorized attacker to log into the application as an administrator without valid credentials. |
| Crystal Shard http-protection 0.2.0 contains an IP spoofing vulnerability that allows attackers to bypass protection middleware by manipulating request headers. Attackers can hardcode consistent IP values across X-Forwarded-For, X-Client-IP, and X-Real-IP headers to circumvent security checks and gain unauthorized access. |
| Yealink RPS before 2025-06-27 allows unauthorized access to information, including AutoP URL addresses. This was fixed by deploying an enhanced authentication mechanism through a security update to all cloud instances. |
| IoT Haat Smart Plug IH-IN-16A-S v5.16.1 is vulnerable to Authentication Bypass by Capture-replay. |
| An issue in the native clients for Amazon WorkSpaces (when running Amazon DCV protocol), Amazon AppStream 2.0, and Amazon DCV Clients may allow an attacker to access remote sessions via man-in-the-middle. |
| A flaw exists in the verification of application installation sources within ColorOS. Under specific conditions, this issue may cause the risk detection mechanism to fail, which could allow malicious applications to be installed without proper warning. |
| Click Studios Passwordstate Core before 9.8 build 9858 allows Authentication Bypass. |
| QUIC in HAProxy 3.1.x before 3.1-dev7, 3.0.x before 3.0.5, and 2.9.x before 2.9.11 allows opening a 0-RTT session with a spoofed IP address. This can bypass the IP allow/block list functionality. |
| The authentication mechanism on web interface is not properly implemented. It is possible to bypass authentication checks by crafting a post request with new settings since there is no session token or authentication in place. This would allow an attacker for instance to point the device to an arbitrary address for domain name resolution to e.g. facililitate a man-in-the-middle (MitM) attack. |
| A TLS vulnerability exists in the phone application used to manage a
connected device. The phone application accepts self-signed certificates
when establishing TLS communication which may result in
man-in-the-middle attacks on untrusted networks. Captured communications
may include user credentials and sensitive session tokens. |
| Applications that use spring-boot-loader or spring-boot-loader-classic and contain custom code that performs signature verification of nested jar files may be vulnerable to signature forgery where content that appears to have been signed by one signer has, in fact, been signed by another. |
| Snap One OVRC cloud uses the MAC address as an identifier to provide information when requested. An attacker can impersonate other devices by supplying enumerated MAC addresses and receive sensitive information about the device. |
| When deploying Cloud Foundry together with the haproxy-boshrelease and using a non default configuration, it might be possible to craft HTTP requests that bypass mTLS authentication to Cloud Foundry applications.
You are affected if you have route-services enabled in routing-release and have configured the haproxy-boshrelease property “ha_proxy.forwarded_client_cert” to “forward_only_if_route_service”. |
| The Online-Ausweis-Funktion eID scheme in the German National Identity card through 2024-02-15 allows authentication bypass by spoofing. A man-in-the-middle attacker can assume a victim's identify for access to government, medical, and financial resources, and can also extract personal data from the card, aka the "sPACE (Spoofing Password Authenticated Connection Establishment)" issue. This occurs because of a combination of factors, such as insecure PIN entry (for basic readers) and eid:// deeplinking. The victim must be using a modified eID kernel, which may occur if the victim is tricked into installing a fake version of an official app. NOTE: the BSI position is "ensuring a secure operational environment at the client side is an obligation of the ID card owner." |
| DESIGNA ABACUS v.18 and before allows an attacker to bypass the payment process via a crafted QR code. |
| Logic vulnerability in the mobile application (com.transsion.carlcare) may lead to the risk of account takeover. |
| Authentication Bypass by Spoofing vulnerability in LionScripts IP Blocker Lite allows Functionality Bypass.This issue affects IP Blocker Lite: from n/a through 11.1.1. |
| Authentication Bypass by Spoofing vulnerability in Pippin Williamson CGC Maintenance Mode allows Functionality Bypass.This issue affects CGC Maintenance Mode: from n/a through 1.2. |