Genua GenuGate High Resistance Firewall versions prior to 10.1 p4, 9.6 p7, and 9.0 Z p19 suffer from an authentication bypass vulnerability.
0161acaf18b16e7aa3d543af4bf41a1a
Online Voting System version 1.0 suffers from an authorization bypass vulnerability that allows for the password change of other users.
16768c5f888788b48538184a138bb0bb
CASAP Automated Enrollment System version 1.0 suffers from an authentication bypass vulnerability.
535ea6fc08b41bb2412140d2c69c1c19
Inteno IOPSYS version 3.16.4 suffers from a newline injection issue with samba share options that allows an attacker root access to the filesystem.
4dd764fc81b64e4c4edde1c782c708ff
This Metasploit module exploits an authentication bypass in Netsia SEBA+ versions 0.16.1 and below to add a root user.
48e1d8f9d10632c1de0461c5d272f23d
Coturn version 4.5.1.x suffers from a loopback access control bypass vulnerability.
253cda007888131792b88ab2a5964ea2
Dovecot versions 2.2.26 through 2.3.11.3 suffer from a bypass issue. When imap hibernation is active, an attacker can cause Dovecot to discover file system directory structure and access other users' emails using a specially crafted command. The attacker must have valid credentials to access the mail server.
5f6ec291becfdbef0390d40207572b2b
Magic Home Pro version 1.5.1 suffers from an authentication bypass vulnerability.
443c1499ee75c5e874d1fb3b78099e20
Red Hat Security Advisory 2020-5487-01 - The Pacemaker cluster resource manager is a collection of technologies working together to maintain data integrity and application availability in the event of failures. Issues addressed include a bypass vulnerability.
fc415d96d2794550073159993905fd0d
Red Hat Security Advisory 2020-5453-01 - The Pacemaker cluster resource manager is a collection of technologies working together to maintain data integrity and application availability in the event of failures. Issues addressed include a bypass vulnerability.
b4a93cbe7feddaa610fd869f5a2f9e43
Red Hat Security Advisory 2020-5423-01 - The Pacemaker cluster resource manager is a collection of technologies working together to maintain data integrity and application availability in the event of failures. Issues addressed include a bypass vulnerability.
d926c7696d9a762d6499f87ef0ae8e38
The OpenAsset Digital Asset Management web application allowed for spoofing of IP addresses by using the X-Forwarded-For header. By default, the web application would allow all traffic in for 127.0.0.1, in order to prevent users from accidentally blocking themselves. Vulnerable versions include 12.0.19 (Cloud) and 11.2.1 (On-premise).
b1d09f4404b1268792fe1602be620242
Proof of concept code that demonstrates a full CSP bypass in Chromium 83.
5f28bc1718fd589618d504b2b06e5d99
Intelbras Router RF 301K version 1.1.2 suffers from an authentication bypass vulnerability.
7f66e81bed10e301accbd0125edcf58a
BigBlueButton versions 2.2.29 and below suffer from an e-mail validation bypass vulnerability.
e5cbcb0cd6ca27bcdf0920717ef88a9c
The TP-Link TL-WA855RE V5_200415 suffers from a flaw where an unauthenticated attacker can reset the device and then set a new administrator password.
f79efa750b058c193c7a2434bcaf03bd
This Metasploit module performs an authentication brute forcing attack against the panel in Bludit version 3.9.2.
466a1ffa63c9bdf248aa584d522e3934
Microsoft Windows suffers from a local spooler bypass vulnerability.
3f3c10cd2d2b0c404a73cddec7d03575
Genexis Platinum-4410 version P4410-V2-1.28 suffers from missing access control and cross site request forgery vulnerabilities.
19dd7cfa841cbf52a780424e364979a9
The CAPTCHA function for iDS6 DSSPro Digital Signage System version 6.2 is prone to a security bypass vulnerability that occurs in the CAPTCHA authentication routine. By requesting the autoLoginVerifyCode object an attacker can receive a JSON message code and successfully bypass the CAPTCHA-based authentication challenge and perform brute-force attacks.
63ad9696454afc1b19e579a677c06b40
Red Hat Security Advisory 2020-4436-01 - The gnome-software packages contain an application that makes it easy to add, remove, and update software in the GNOME desktop. The appstream-data package provides the distribution specific AppStream metadata required for the GNOME and KDE software centers. The fwupd packages provide a service that allows session software to update device firmware. Issues addressed include a bypass vulnerability.
db3a100b9d8cf91e055f1e39976e80f2
Monitorr version 1.7.6m suffers from an authorization bypass vulnerability.
cff648ad561711a93b6dd2c39a72cee7
Sentrifugo version 3.2 suffers from a restriction bypass vulnerability that allows for a remote shell upload.
981cdb0177e2271690c25d011e5b38c6
Red Hat Security Advisory 2020-4304-01 - RHACM 2.0.4 images. Red Hat Advanced Cluster Management provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console, with security policy built in. Issues addressed include a bypass vulnerability.
b0ce11d71265978499e0048749ba5e2c
Brute-force mitigation bypass exploit for Bludit versions 3.9.2 and below. Please visit the related homepage for deep dive details on usage.
e7c839c9101282f68b61aaf90a274f8f