Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-290

CWE-290

Authentication Bypass by Spoofing

Parent: CWE-1390 - Weak Authentication

This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks.

576 vulnerabilities with CWE-290

CVE-2023-51747 HIGH

Apache James <3.8.1-3.7.5 - SMTP Smuggling

CVE-2023-42889 MEDIUM

macOS 12.0-12.7.1 - Authentication Bypass by Spoofing

CVE-2023-42843 MEDIUM

Safari < 17.1 - Address Bar Spoofing via Inconsistent UI State

CVE-2023-7169 MEDIUM

Snow Inventory Agent < 7.0 - Authentication Bypass via Signature Spoofing

CVE-2023-6044 MEDIUM

Lenovo Vantage - Privilege Escalation

CVE-2023-4566 HIGH

Trust Relationship Inaccuracy - Info Disclosure

CVE-2023-44117 HIGH

Trust Relationship Inaccuracy - Info Disclosure

CVE-2023-4001 MEDIUM

GRUB2 - Authentication Bypass via Duplicate UUID Configuration File

CVE-2023-51350 CRITICAL

ujcms 8.0.2 - Authentication Bypass via X-Forwarded-For Header Spoofing

CVE-2023-41069 MEDIUM

iPadOS < 17.0 - Authentication Bypass via Face ID Spoofing

CVE-2023-49794 MEDIUM

kernelsu < 0.7.1 - Authentication Bypass via Malicious APK Spoofing

CVE-2023-35622 HIGH

Windows Server 2008, 2012, 2016, 2019, 2022, 2022 23H2 - Authentication Bypass via DNS Spoofing

CVE-2023-50463 MEDIUM

Caddy < 0.6.0 - Authentication Bypass via X-Forwarded-For Header Spoofing

CVE-2023-43304 HIGH

PARK DANDAN mini-app - Info Disclosure

CVE-2023-6263 HIGH

Network Optix NxCloud <23.1.0.40440 - Info Disclosure

CVE-2023-3103 HIGH

Unitree A1 Firmware - Authentication Bypass via Man-in-the-Middle Attack

CVE-2023-5801 CRITICAL

HarmonyOS - Authentication Bypass via Face Unlock Module

CVE-2023-36769 MEDIUM

Microsoft OneNote - Authentication Bypass by Spoofing

CVE-2023-20246 MEDIUM

Snort 3.0.0-3.1.56.9 - Unauthenticated Access Control Policy Bypass

CVE-2023-20256 MEDIUM

Cisco Adaptive Security Appliance Software - Unauthenticated Access Control List Bypass via Per-User-Override Feature

CVE-2023-20245 MEDIUM

Cisco Adaptive Security Appliance Software - Unauthenticated Access Control List Bypass via Per-User-Override Feature

CVE-2023-28803 MEDIUM

Zscaler Client Connector <3.9 - Auth Bypass

CVE-2023-30803 CRITICAL

Sangfor Next-Gen Application Firewall NGAF8.0.17 - Unauthenticated Authentication Bypass via Y-forwarded-for Header

CVE-2023-44463 MEDIUM

pretix < 2023.7.1 - IP Address Spoofing via X-Forwarded-For Header

CVE-2023-41329 LOW

WireMock - DNS Rebinding Attack via Proxy Mode Network Restrictions

Previous Page 14 of 24 Next

Details

Vulnerabilities 576

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy