In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server …

ConnectWise ScreenConnect 23.9.7 and prior are affected by an Authentication Bypass Using an Al…

In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions …

It was discovered, that redis, a persistent key-value database, due to a packaging issue, is pr…

An authentication bypass in the API component of Ivanti Endpoint Manager Mobile 12.5.0.0 and pr…

An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting F…

RARLAB WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to vi…

Session Validation attacks in Apache Superset versions up to and including 2.0.1. Installations…

Undisclosed requests may bypass configuration utility authentication, allowing an attacker with…

Digiever DS-2105 Pro 3.1.0.71-11 devices allow time_tzsetup.cgi Command Injection. NOTE: This v…

SmarterTools SmarterMail versions prior to build 9511 contain an authentication bypass vulnerab…

The SolarWinds Orion API is vulnerable to an authentication bypass that could allow a remote at…

In Apache CouchDB prior to 3.2.2, an attacker can access an improperly secured default installa…

An authentication bypass vulnerability in Kentico Xperience allows authentication bypass via th…

A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA…

The Versa Concerto SD-WAN orchestration platform is vulnerable to an authentication bypass in t…

An authentication bypass in Ivanti Endpoint Manager before version 2024 SU5 allows a remote una…

A missing authorization vulnerability affecting DELMIA Apriso from Release 2020 through Release…

A logic issue was addressed with improved state management. This issue is fixed in macOS Big Su…

An authentication bypass vulnerability in Kentico Xperience allows authentication bypass via th…

An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] vulnerabili…

A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Sof…

Inappropriate implementation in Memory in Google Chrome prior to 94.0.4606.71 allowed a remote …

An arbitrary file upload vulnerability in Trend Micro Apex Central could allow an unauthenticat…

SimpleHelp remote support software v5.5.7 and before has a vulnerability that allows low-privil…

The TeleMessage service through 2025-05-05 configures Spring Boot Actuator with an exposed heap…

A permissions issue was addressed with improved validation. This issue is fixed in macOS Big Su…

An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting F…

Unitronics VisiLogic before version 9.9.00, used in Vision and Samba PLCs and HMIs, uses a defa…