Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-290

CWE-290

Authentication Bypass by Spoofing

Parent: CWE-1390 - Weak Authentication

This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks.

575 vulnerabilities with CWE-290

CVE-2024-31802 MEDIUM

DESIGNA ABACUS v.18 and before - Authentication Bypass via Crafted QR Code

CVE-2024-4846 MEDIUM

Devolutions Server < 2024.1.15.0 - Authenticated Authentication Bypass via 2FA Spoofing

CVE-2024-39337 MEDIUM

Click Studios Passwordstate Core <9.8.9858 - Auth Bypass

CVE-2024-21518 HIGH

OpenCart >= 4.0.0.0 - Path Traversal via Marketplace Installer Zip Slip

CVE-2024-30058 MEDIUM

Microsoft Edge Chromium < 126.0.2592.56 - Spoofing

CVE-2024-36588 MEDIUM

Annonshop.app - Info Disclosure

CVE-2024-5812 LOW

Beyondtrust Beyondinsight Password Safe < 23.2.0.1293 - Authentication Bypass by Spoofing

CVE-2024-35749 LOW

Acurax Under Construction / Maintenance Mode < 2.6 - Authentication Bypass by Spoofing

CVE-2024-5037 HIGH

Red Hat OpenShift Container Platform 4.12-4.16 - Authentication Bypass via Forged JWT Token

CVE-2024-4358 CRITICAL KEV

Telerik Report Server Auth Bypass and Deserialization RCE

CVE-2024-20363 MEDIUM

Cisco Firepower Threat Defense Snort IPS Engine Unauthenticated Rule Bypass via HTTP Packets

CVE-2024-32827 MEDIUM

RafflePress Giveaways and Contests <1.12.7 - Auth Bypass

CVE-2024-32786 MEDIUM

Royal Elementor Addons < 1.3.93 - Authentication Bypass via IP Spoofing

CVE-2024-32708 LOW

helderk Maintenance Mode <3.0.1 - Auth Bypass

CVE-2024-33917 MEDIUM

WTI Like Post <= 1.4.6 - Authentication Bypass by Spoofing

CVE-2024-30522 MEDIUM

Newsletter < 8.2.0 - IP Blacklist Bypass via Spoofing

CVE-2024-30480 LOW

Pippin Williamson CGC Maintenance Mode - Auth Bypass

CVE-2024-30479 MEDIUM

LionScripts IP Blocker Lite - Auth Bypass

CVE-2024-25906 MEDIUM

WP Happy Coders Comments Like Dislike <1.2.2 - Auth Bypass

CVE-2024-25595 MEDIUM

WPMU DEV Defender <4.4.1 - Auth Bypass

CVE-2024-22139 LOW

WordPress Manutenção <1.0.6 - Auth Bypass

CVE-2024-21746 MEDIUM

Wp Ultimate Review <= 2.3.6 - Authentication Bypass by Spoofing

CVE-2024-32977 HIGH

OctoPrint <= 1.10.0 - Unauthenticated Authentication Bypass via X-Forwarded-For Header Spoofing

CVE-2024-34397 MEDIUM

GNOME GLib <2.78.5, 2.79.x, 2.80.x - Info Disclosure

CVE-2024-34145 HIGH

Jenkins Script Security Plugin <1335.vf07d9ce377a_e - RCE

Previous Page 11 of 23 Next

Details

Vulnerabilities 575

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy