| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| A vulnerability classified as critical was found in Beijing Yunfan Internet Technology Yunfan Learning Examination System 1.9.2. Affected by this vulnerability is an unknown functionality of the file src/main/java/com/yf/exam/modules/sys/user/controller/SysUserControl of the component JWT Token Handler. The manipulation leads to improper authentication. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. |
| Windows DPAPI (Data Protection Application Programming Interface) Spoofing Vulnerability |
| Microsoft OneNote Elevation of Privilege Vulnerability |
| Windows Kerberos Elevation of Privilege Vulnerability |
| Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability |
| IBM Storage Scale Container Native Storage Access 5.1.2.1 -through 5.1.7.0 could allow an attacker to initiate connections to containers from external networks. IBM X-Force ID: 237812. |
| IBM Storage Scale Container Native Storage Access 5.1.2.1 through 5.1.7.0 could allow a local attacker to initiate connections from a container outside the current namespace. IBM X-Force ID: 237811. |
| A vulnerability has been found in Demososo DM Enterprise Website Building System up to 2022.8 and classified as critical. Affected by this vulnerability is the function dmlogin of the file indexDM_load.php of the component Cookie Handler. The manipulation of the argument is_admin with the input y leads to improper authentication. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-254605 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. |
| Vulnerability of lax app identity verification in the pre-authorization function.Successful exploitation of this vulnerability will cause malicious apps to become pre-authorized. |
| Vulnerability of lax app identity verification in the pre-authorization function.Successful exploitation of this vulnerability will cause malicious apps to become pre-authorized. |
| Mattermost versions 8.1.x before 8.1.10, 9.2.x before 9.2.6, 9.3.x before 9.3.2, and 9.4.x before 9.4.3 fail to correctly verify account ownership when switching from email to SAML authentication, allowing an authenticated attacker to take over other user accounts via a crafted switch request under specific conditions.
|
| pam_krb5 authenticates a user by essentially running kinit with the password, getting a ticket-granting ticket (tgt) from the Kerberos KDC (Key Distribution Center) over the network, as a way to verify the password. However, if a keytab is not provisioned on the system, pam_krb5 has no way to validate the response from the KDC, and essentially trusts the tgt provided over the network as being valid. In a non-default FreeBSD installation that leverages pam_krb5 for authentication and does not have a keytab provisioned, an attacker that is able to control both the password and the KDC responses can return a valid tgt, allowing authentication to occur for any user on the system.
|
| Improper access control vulnerability has been identified in the SMA100 SSL-VPN virtual office portal, which in specific conditions could potentially enable a remote authenticated attacker to associate another user's MFA mobile application. |
| Affected versions of Trend Micro Mobile Security (Enterprise) 9.8 SP5 contain some widgets that would allow a remote user to bypass authentication and potentially chain with other vulnerabilities.
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit these vulnerabilities.
This is similar to, but not identical to CVE-2023-32524. |
| Affected versions of Trend Micro Mobile Security (Enterprise) 9.8 SP5 contain some widgets that would allow a remote user to bypass authentication and potentially chain with other vulnerabilities.
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit these vulnerabilities.
This is similar to, but not identical to CVE-2023-32523. |
| Multiple Services such as VHS(Video History Server) and VCD(Video Clip Distributor) and Clips2 were discovered to be vulnerable to an unauthenticated arbitrary file read/write vulnerability due to missing input validation on filenames. A malicious attacker could read sensitive files from the filesystem or write/delete arbitrary files on the filesystem as well. |
| Improper authentication vulnerability in WL-WN531AX2 firmware versions prior to 2023526 allows a network-adjacent attacker to obtain a password for the wireless network. |
|
Dell BIOS contains an improper authentication vulnerability. A locally authenticated malicious user may potentially exploit this vulnerability by bypassing certain authentication mechanisms in order to elevate privileges on the system.
|
| A vulnerability in the RADIUS authentication module of Cisco Policy Suite could allow an unauthenticated, remote attacker to be authorized as a subscriber without providing a valid password; however, the attacker must provide a valid username. The vulnerability is due to incorrect RADIUS user credential validation. An attacker could exploit this vulnerability by attempting to access a Cisco Policy Suite domain configured with RADIUS authentication. An exploit could allow the attacker to be authorized as a subscriber without providing a valid password. This vulnerability affects the Cisco Policy Suite application running a release prior to 13.1.0 with Hotfix Patch 1 when RADIUS authentication is configured for a domain. Cisco Policy Suite Release 14.0.0 is also affected, as it includes vulnerable code, but RADIUS authentication is not officially supported in Cisco Policy Suite Releases 14.0.0 and later. Cisco Bug IDs: CSCvg40124. |
| A vulnerability in the authentication functionality of the web-based service portal of Cisco Elastic Services Controller Software could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrator privileges on an affected system. The vulnerability is due to improper security restrictions that are imposed by the web-based service portal of the affected software. An attacker could exploit this vulnerability by submitting an empty password value to an affected portal when prompted to enter an administrative password for the portal. A successful exploit could allow the attacker to bypass authentication and gain administrator privileges for the web-based service portal of the affected software. This vulnerability affects Cisco Elastic Services Controller Software Release 3.0.0. Cisco Bug IDs: CSCvg29809. |
