An attacker can abuse the batch-requests plugin to send requests to bypass the IP restriction o…

An authentication bypass vulnerability in Ivanti EPMM allows unauthorized users to access restr…

Incorrect implementation of an authentication algorithm in Ivanti vTM other than versions 22.2R…

An authentication bypass using an alternate path or channel [CWE-288] in Fortinet FortiOS versi…

An authentication bypass vulnerability in Ivanti EPMM 11.10 and older, allows unauthorized user…

A remote code execution vulnerability exists in Microsoft Exchange software when the software f…

An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlog…

An authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 22.x and Ivanti …

Microsoft SharePoint Server Elevation of Privilege Vulnerability

Grafana is an open source data visualization platform. In affected versions unauthenticated and…

In Progress Telerik Report Server, version 2024 Q1 (10.0.24.305) or earlier, on IIS, an unauthe…

Atlassian has been made aware of an issue reported by a handful of customers where external att…

Unauthenticated remote attackers can access the system through the LoadMaster management interf…

An authentication bypass in Palo Alto Networks PAN-OS software enables an unauthenticated attac…

An issue was discovered in phpMyAdmin 4.8.x before 4.8.2, in which an attacker can include (vie…

The identity authentication bypass vulnerability found in some Dahua products during the login …

An Improper Authentication issue was discovered in Hikvision DS-2CD2xx2F-I Series V5.2.0 build …

The administrator application on ASUS GT-AC2900 devices before 3.0.0.4.386.42643 and Lyra Mini …

Apache Shiro before 1.2.5, when a cipher key has not been configured for the "remember me" feat…

The identity authentication bypass vulnerability found in some Dahua products during the login …

Improper Authentication vulnerability in Apache Solr. Solr instances using the PKIAuthenticati…

sql/password.c in Oracle MySQL 5.1.x before 5.1.63, 5.5.x before 5.5.24, and 5.6.x before 5.6.6…

In the case of instances where the SAML SSO authentication is enabled (non-default), session da…

A flaw was found in Apache ShenYu Admin. The incorrect use of JWT in ShenyuAdminBootstrap allow…

InfluxDB before 1.7.6 has an authentication bypass vulnerability in the authenticate function i…

Nacos is a platform designed for dynamic service discovery and configuration and service manage…

OpenMetadata is a unified platform for discovery, observability, and governance powered by a ce…

An Improper Authentication vulnerability in the SSLVPN authentication mechanism allows a remote…

ProjectSend versions prior to r1720 are affected by an improper authentication vulnerability. R…

An issue was discovered in through SaltStack Salt before 3002.5. salt-api does not honor eauth …

HTTP server for Cisco IOS 11.3 to 12.2 allows attackers to bypass authentication and execute ar…

An issue in WooCommerce Payments plugin for WordPress (versions 5.6.1 and lower) allows an unau…

Pulse Connect Secure 9.0R3/9.1R1 and higher is vulnerable to an authentication bypass vulnerabi…

Gogs 0.11.66 allows remote code execution because it does not properly validate session IDs, as…

Improper Authentication vulnerability in WPDeveloper Essential Addons for Elementor allows Priv…

An issue was discovered on Dasan GPON home routers. It is possible to bypass authentication sim…

Once an user is authenticated on Jolokia, he can potentially trigger arbitrary code execution. …

In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions …

octobercms in a CMS platform based on the Laravel PHP Framework. In affected versions of the oc…

An issue was discovered on Crestron HD-MD4X2-4K-E 1.0.0.2159 devices. When the administrative w…