Total
4218 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-1000214 | 1 Ruckus | 1 Wireless H500 | 2025-04-12 | N/A |
| Ruckus Wireless H500 web management interface authentication bypass | ||||
| CVE-2016-5086 | 1 Animas | 2 Onetouch Ping, Onetouch Ping Firmware | 2025-04-12 | N/A |
| Johnson & Johnson Animas OneTouch Ping devices allow remote attackers to bypass authentication via replay attacks. | ||||
| CVE-2016-4966 | 1 Fortinet | 1 Fortiwan | 2025-04-12 | N/A |
| The diagnosis_control.php page in Fortinet FortiWan (formerly AscernLink) before 4.2.5 allows remote authenticated users to download PCAP files via vectors related to the UserName GET parameter. | ||||
| CVE-2016-4510 | 1 Trihedral | 1 Vtscada | 2025-04-12 | N/A |
| The WAP interface in Trihedral VTScada (formerly VTS) 8.x through 11.x before 11.2.02 allows remote attackers to bypass authentication and read arbitrary files via unspecified vectors. | ||||
| CVE-2016-2944 | 1 Ibm | 1 Bigfix Remote Control | 2025-04-12 | N/A |
| IBM BigFix Remote Control before 9.1.3 does not properly restrict failed login attempts, which makes it easier for remote attackers to obtain access via a brute-force approach. | ||||
| CVE-2016-2012 | 1 Hp | 1 Network Node Manager I | 2025-04-12 | N/A |
| HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote attackers to bypass authentication via unspecified vectors. | ||||
| CVE-2015-2978 | 1 Webservice-dic | 1 Yoyaku | 2025-04-12 | N/A |
| Webservice-DIC yoyaku_v41 allows remote attackers to bypass authentication and complete a conference-room reservation via unspecified vectors, as demonstrated by an "unintentional reservation." | ||||
| CVE-2016-2300 | 1 Ecava | 1 Integraxor | 2025-04-12 | N/A |
| Ecava IntegraXor before 5.0 build 4522 allows remote attackers to bypass authentication and access unspecified web pages via unknown vectors. | ||||
| CVE-2013-3092 | 1 Belkin | 2 N300, N300 Firmware | 2025-04-12 | N/A |
| The Belkin N300 (F7D7301v1) router allows remote attackers to bypass authentication and gain privileges via vectors related to incorrect validation of the HTTP Authorization header. | ||||
| CVE-2016-2245 | 1 Hp | 1 Support Assistant | 2025-04-12 | N/A |
| HP Support Assistant before 8.1.52.1 allows remote attackers to bypass authentication via unspecified vectors. | ||||
| CVE-2016-6802 | 1 Apache | 1 Shiro | 2025-04-12 | N/A |
| Apache Shiro before 1.3.2 allows attackers to bypass intended servlet filters and gain access by leveraging use of a non-root servlet context path. | ||||
| CVE-2014-2075 | 1 Tibco | 2 Enterprise Administrator, Enterprise Administrator Sdk | 2025-04-12 | N/A |
| TIBCO Enterprise Administrator 1.0.0 and Enterprise Administrator SDK 1.0.0 do not properly enforce administrative authentication requirements, which allows remote attackers to execute arbitrary commands via unspecified vectors. | ||||
| CVE-2016-0883 | 1 Pivotal Software | 1 Operations Manager | 2025-04-12 | N/A |
| Pivotal Cloud Foundry (PCF) Ops Manager before 1.5.14 and 1.6.x before 1.6.9 uses the same cookie-encryption key across different customers' installations, which allows remote attackers to bypass session authentication by leveraging knowledge of this key from another installation. | ||||
| CVE-2014-8896 | 1 Ibm | 2 Infosphere Master Data Management Collaborative Server, Infosphere Master Data Management Server For Product Information Management | 2025-04-12 | N/A |
| The Collaboration Server in IBM InfoSphere Master Data Management Server for Product Information Management 9.x through 9.1 and InfoSphere Master Data Management - Collaborative Edition 10.x through 10.1, 11.0 before FP7, and 11.3 and 11.4 before 11.4 FP1 allows remote authenticated users to modify the administrator's credentials and consequently gain privileges via unspecified vectors. | ||||
| CVE-2016-6452 | 1 Cisco | 1 Prime Home | 2025-04-12 | N/A |
| A vulnerability in the web-based graphical user interface (GUI) of Cisco Prime Home could allow an unauthenticated, remote attacker to bypass authentication. The attacker could be granted full administrator privileges. Cisco Prime Home versions 5.1.1.6 and earlier and 5.2.2.2 and earlier have been confirmed to be vulnerable. Cisco Prime Home versions 6.0 and later are not vulnerable. More Information: CSCvb71732. Known Affected Releases: 5.0 5.0(1) 5.0(1.1) 5.0(1.2) 5.0(2) 5.15.1(0) 5.1(1) 5.1(1.3) 5.1(1.4) 5.1(1.5) 5.1(1.6) 5.1(2) 5.1(2.1) 5.1(2.3) 5.25.2(0.1) 5.2(1.0) 5.2(1.2) 5.2(2.0) 5.2(2.1) 5.2(2.2). | ||||
| CVE-2016-3085 | 1 Apache | 1 Cloudstack | 2025-04-12 | N/A |
| Apache CloudStack 4.5.x before 4.5.2.1, 4.6.x before 4.6.2.1, 4.7.x before 4.7.1.1, and 4.8.x before 4.8.0.1, when SAML-based authentication is enabled and used, allow remote attackers to bypass authentication and access the user interface via vectors related to the SAML plugin. | ||||
| CVE-2015-6314 | 1 Cisco | 1 Wireless Lan Controller Software | 2025-04-12 | N/A |
| Cisco Wireless LAN Controller (WLC) devices with software 7.6.x, 8.0 before 8.0.121.0, and 8.1 before 8.1.131.0 allow remote attackers to change configuration settings via unspecified vectors, aka Bug ID CSCuw06153. | ||||
| CVE-2016-4979 | 2 Apache, Redhat | 2 Http Server, Rhel Software Collections | 2025-04-12 | N/A |
| The Apache HTTP Server 2.4.18 through 2.4.20, when mod_http2 and mod_ssl are enabled, does not properly recognize the "SSLVerifyClient require" directive for HTTP/2 request authorization, which allows remote attackers to bypass intended access restrictions by leveraging the ability to send multiple requests over a single connection and aborting a renegotiation. | ||||
| CVE-2015-8269 | 1 Fisher-price | 1 Smart Toy Bear | 2025-04-12 | N/A |
| The API on Fisher-Price Smart Toy Bear devices allows remote attackers to obtain sensitive information or modify data by leveraging presence in an 802.11 network's coverage area and entering an account number. | ||||
| CVE-2015-7914 | 1 Sauter | 1 Moduweb Vision | 2025-04-12 | N/A |
| Sauter EY-WS505F0x0 moduWeb Vision before 1.6.0 allows remote attackers to bypass authentication by leveraging knowledge of a password hash without knowledge of the associated password. | ||||