D-Link DIR-130 firmware version 1.23 and DIR-330 firmware version 1.12 are vulnerable to authen…

An authentication bypass vulnerability was found in Stilog Visual Planning 8. It allows an unau…

SMTP service in (1) Microsoft Windows 2000 and (2) Internet Mail Connector (IMC) in Exchange Se…

RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can mo…

A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause an una…

relay_cgi.cgi on Dingtian DT-R002 2CH relay devices with firmware 3.1.276A allows an attacker t…

Skype for Business in Microsoft Lync 2013 SP1 and Skype for Business 2016 allows an attacker to…

Fiyo CMS 2.0.6.1 allows remote authenticated users to gain privileges via a modified level para…

NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to bypass the origin timesta…

An Authentication Bypass by Capture-Replay issue was discovered in Schneider Electric Modicon M…

The ntpq protocol in NTP before 4.2.8p7 allows remote attackers to conduct replay attacks by sn…

The HTTP Digest Authentication in the GoAhead web server before 5.1.2 does not completely prote…

The keyfob subsystem in Honda Civic 2012 vehicles allows a replay attack for unlocking. This is…

NTP before 4.2.8p6 and 4.3.x before 4.3.90, when configured in broadcast mode, allows man-in-th…

An issue was discovered in Emote Remote Mouse through 4.0.0.0. Authentication Bypass can occur …

Windows NTLM Elevation of Privilege Vulnerability

An Information Management Error vulnerability exists in Schneider Electric's Modicon M221 produ…

An issue was discovered in the GAEN (aka Google/Apple Exposure Notifications) protocol through …

Authentication Bypass by Capture-replay vulnerability in Mitsubishi Electric MELSEC iQ-F series…

Verax NMS prior to 2.10 allows authentication via the encrypted password without knowing the cl…

The Sinilink XY-WFT1 WiFi Remote Thermostat, running firmware 1.3.6, allows an attacker to bypa…

Apache Spark supports end-to-end encryption of RPC connections via "spark.authenticate" and "sp…

The replay feature in the client in Wargaming World of Warships 0.11.4 allows remote attackers …

Authentication bypass by capture-replay vulnerability exists in Machine automation controller N…

An authentication bypass in website post requests in the Tzumi Electronics Klic Lock applicatio…

SAGA1-L8B with any firmware versions prior to A0.10 are vulnerable to a replay attack and comma…

In JUUKO K-808, an attacker could specially craft a packet that encodes an arbitrary command, w…

JUUKO K-800 (Firmware versions prior to numbers ending ...9A, ...9B, ...9C, etc.) is vulnerable…

The sync endpoint in YubiKey Validation Server before 2.40 allows remote attackers to replay an…

A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause execut…

Idelji Web ViewPoint Suite, as used in conjunction with HPE NonStop, allows a remote replay att…

It was found that cephx authentication protocol did not verify ceph clients correctly and was v…

Honeywell equIP series and Performance series IP cameras and recorders, A vulnerability exists …

Incorrect access control in push notification service in Night Owl Smart Doorbell FW version 20…

The Chuango 433 MHz burglar-alarm product line uses static codes in the RF remote control, allo…

In Notifier Web Server (NWS) Version 3.50 and earlier, the Honeywell Fire Web Server’s authenti…

Cosmos Network Ethermint <= v0.4.0 is affected by a cross-chain transaction replay vulnerabilit…

Arbitrary Authentication Relay and Session Hijack vulnerabilities in the deprecated VMware Enha…

Saml2 Authentication services for ASP.NET (NuGet package Sustainsys.Saml2) greater than 2.0.0, …

YSoft SafeQ Server 6 allows a replay attack.