Total
265 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-20363 | 2024-07-03 | N/A | 5.8 MEDIUM | ||
| Multiple Cisco products are affected by a vulnerability in the Snort Intrusion Prevention System (IPS) rule engine that could allow an unauthenticated, remote attacker to bypass the configured rules on an affected system. This vulnerability is due to incorrect HTTP packet handling. An attacker could exploit this vulnerability by sending crafted HTTP packets through an affected device. A successful exploit could allow the attacker to bypass configured IPS rules and allow uninspected traffic onto the network. | |||||
| CVE-2024-39350 | 2024-06-28 | N/A | 7.5 HIGH | ||
| A vulnerability regarding authentication bypass by spoofing is found in the RTSP functionality. This allows man-in-the-middle attackers to obtain privileges without consent via unspecified vectors. The following models with Synology Camera Firmware versions before 1.0.7-0298 may be affected: BC500 and TC500. | |||||
| CVE-2020-10136 | 4 Cisco, Digi, Hp and 1 more | 63 Nexus 1000v, Nexus 1000ve, Nexus 3016 and 60 more | 2024-06-17 | 5.0 MEDIUM | 5.3 MEDIUM |
| IP-in-IP protocol specifies IP Encapsulation within IP standard (RFC 2003, STD 1) that decapsulate and route IP-in-IP traffic is vulnerable to spoofing, access-control bypass and other unexpected behavior due to the lack of validation to verify network packets before decapsulation and routing. | |||||
| CVE-2024-4358 | 1 Telerik | 1 Report Server 2024 | 2024-06-14 | N/A | 9.8 CRITICAL |
| In Progress Telerik Report Server, version 2024 Q1 (10.0.24.305) or earlier, on IIS, an unauthenticated attacker can gain access to Telerik Report Server restricted functionality via an authentication bypass vulnerability. | |||||
| CVE-2024-5812 | 2024-06-13 | N/A | 3.3 LOW | ||
| A low severity vulnerability in BIPS has been identified where an attacker with high privileges or a compromised high privilege account can overwrite Read-Only smart rules via a specially crafted API request. | |||||
| CVE-2024-35749 | 1 Acurax | 1 Under Construction \/ Maintenance Mode | 2024-06-12 | N/A | 5.3 MEDIUM |
| Authentication Bypass by Spoofing vulnerability in Acurax Under Construction / Maintenance Mode from Acurax allows Authentication Bypass.This issue affects Under Construction / Maintenance Mode from Acurax: from n/a through 2.6. | |||||
| CVE-2024-20674 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-06-11 | N/A | 8.8 HIGH |
| Windows Kerberos Security Feature Bypass Vulnerability | |||||
| CVE-2023-51542 | 2024-06-04 | N/A | 5.3 MEDIUM | ||
| Authentication Bypass by Spoofing vulnerability in WPMU DEV Branda allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Branda: from n/a through 3.4.14. | |||||
| CVE-2023-49741 | 2024-06-04 | N/A | 3.7 LOW | ||
| Authentication Bypass by Spoofing vulnerability in wpdevart Coming soon and Maintenance mode allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Coming soon and Maintenance mode: from n/a through 3.7.3. | |||||
| CVE-2023-51667 | 2024-06-04 | N/A | 5.3 MEDIUM | ||
| Authentication Bypass by Spoofing vulnerability in FeedbackWP Rate my Post – WP Rating System allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Rate my Post – WP Rating System: from n/a through 3.4.2. | |||||
| CVE-2023-52176 | 2024-06-04 | N/A | 5.3 MEDIUM | ||
| Authentication Bypass by Spoofing vulnerability in miniorange Malware Scanner allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Malware Scanner: from n/a through 4.7.1. | |||||
| CVE-2023-51543 | 2024-06-04 | N/A | 5.3 MEDIUM | ||
| Authentication Bypass by Spoofing vulnerability in Metagauss RegistrationMagic allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects RegistrationMagic: from n/a through 5.2.5.0. | |||||
| CVE-2023-48271 | 2024-06-04 | N/A | 5.3 MEDIUM | ||
| Authentication Bypass by Spoofing vulnerability in yonifre Maspik – Spam blacklist allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Maspik – Spam blacklist: from n/a through 0.10.3. | |||||
| CVE-2023-37865 | 2024-06-04 | N/A | 5.3 MEDIUM | ||
| Authentication Bypass by Spoofing vulnerability in IP2Location Download IP2Location Country Blocker allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Download IP2Location Country Blocker: from n/a through 2.29.1. | |||||
| CVE-2023-48753 | 2024-06-04 | N/A | 5.3 MEDIUM | ||
| Authentication Bypass by Spoofing vulnerability in 10up Restricted Site Access allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Restricted Site Access: from n/a through 7.4.1. | |||||
| CVE-2023-41134 | 2024-06-04 | N/A | 5.3 MEDIUM | ||
| Authentication Bypass by Spoofing vulnerability in pluginkollektiv Antispam Bee allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Antispam Bee: from n/a through 2.11.3. | |||||
| CVE-2023-47769 | 2024-06-04 | N/A | 3.7 LOW | ||
| Authentication Bypass by Spoofing vulnerability in WP Maintenance allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WP Maintenance: from n/a through 6.1.3. | |||||
| CVE-2024-30522 | 2024-05-17 | N/A | 5.3 MEDIUM | ||
| Authentication Bypass by Spoofing vulnerability in Stefano Lissa & The Newsletter Team Newsletter allows Functionality Bypass.This issue affects Newsletter: from n/a through 8.2.0. | |||||
| CVE-2024-33917 | 2024-05-17 | N/A | 5.3 MEDIUM | ||
| Authentication Bypass by Spoofing vulnerability in webtechideas WTI Like Post allows Functionality Bypass.This issue affects WTI Like Post: from n/a through 1.4.6. | |||||
| CVE-2024-21746 | 2024-05-17 | N/A | 5.3 MEDIUM | ||
| Authentication Bypass by Spoofing vulnerability in Wpmet Wp Ultimate Review allows Functionality Bypass.This issue affects Wp Ultimate Review: from n/a through 2.3.2. | |||||