When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
4,372 vulnerabilities with CWE-287
CVE-2018-7745
HIGH
Western Bridge Cobub Razor 0.7.2 - Info Disclosure
CVSS 7.5
CVE-2018-1343
CRITICAL
NetIQ Privileged Account Manager 3.1.0.0-3.1.0.3 - Unauthenticated Remote Host Access via PAM Exposure
CVSS 9.8
CVE-2018-5455
CRITICAL
Moxa OnCell G3100-HSPA <1.4 - Auth Bypass
CVSS 9.8
CVE-2018-5314
HIGH
Citrix NetScaler ADC/Gateway <11.0.70.16/<11.1.55.13/<12.0.53.13 RCE via SSH
CVSS 7.5
CVE-2018-1286
MEDIUM
Apache OpenMeetings 3.0.0-4.0.1 - Authenticated Denial of Service via Privileged User CRUD Operations
CVSS 6.5
CVE-2018-0121
CRITICAL
Cisco Elastic Services Controller 3.0.0 - Unauthenticated Authentication Bypass via Empty Password
CVSS 9.8
CVE-2018-7034
HIGH
TRENDnet TEW-751DR, TEW-752DRU, and TEW733GR - Authentication Bypass via AUTHORIZED_GROUP Parameter
CVSS 7.5
CVE-2018-5459
CRITICAL
WAGO PFC200 Series 3S CoDeSys Runtime <2.4.X - Privilege Escalation
CVSS 9.8
CVE-2018-3601
CRITICAL
Trend Micro Control Manager 6.0 - Auth Bypass
CVSS 9.8
CVE-2018-6180
CRITICAL
Online Voting System 1.0 - Info Disclosure
CVSS 9.8
CVE-2018-1163
CRITICAL
Quest NetVault Backup 11.2.0.13 - Auth Bypass
CVSS 9.8
CVE-2018-0116
HIGH
Cisco Mobility Services Engine - Unauthenticated RADIUS Authentication Bypass via Invalid Password
CVSS 7.2
CVE-2018-6569
HIGH
West Wind Web Server 6.x - Unauthenticated Admin Access via /ADMIN.ASP
CVSS 8.8
CVE-2018-5794
MEDIUM
Extreme Networks ExtremeWireless <5.8.6.9, <5.9.1.3 - DoS
CVSS 5.3
CVE-2018-4836
HIGH
TeleControl Server Basic < 3.1 - Authenticated Privilege Escalation via Port 8000
CVSS 8.8
CVE-2018-4835
MEDIUM
TeleControl Server Basic < 3.1 - Unauthenticated Authentication Bypass via Port 8000
CVSS 5.3
CVE-2018-5328
CRITICAL
ZUUSE BEIMS ContractorWeb <5.18.0.0 - Privilege Escalation
CVSS 9.8
CVE-2018-0008
MEDIUM
Junos OS Multiple Versions - Unauthenticated Root Login via Commit Script Reboot
CVSS 6.2
CVE-2018-3815
MEDIUM
CommuniGate Pro 6.2 - Authenticated Email Spoofing via XIMSS Protocol Validation Bypass
CVSS 5.7
CVE-2018-3810
CRITICAL
Smart Google Code Inserter < 3.5 - Unauthenticated Arbitrary Code Insertion via sgcgoogleanalytic Parameter
CVSS 9.8
CVE-2017-20235
CRITICAL
ProSoft Technology ICX35-HWC Authentication Bypass
CVSS 9.1
CVE-2017-20237
CRITICAL
Hirschmann Industrial HiVision Authentication Bypass Remote Code Execution
CVSS 9.8
CVE-2017-20133
HIGH
Itech Job Portal Script <9.13 - Auth Bypass
CVSS 7.3
CVE-2017-18919
MEDIUM
Mattermost Server <3.7.0, 3.6.3 - CSRF
CVSS 5.3
CVE-2017-18908
CRITICAL
Mattermost Server <4.0.0-3.9.2 - Info Disclosure
CVSS 9.8
Details
Vulnerabilities
4,372
Exploit Likelihood
High