Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-290

CWE-290

Authentication Bypass by Spoofing

Parent: CWE-1390 - Weak Authentication

This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks.

576 vulnerabilities with CWE-290

CVE-2023-4178 CRITICAL

Neutron Smart VMS < b1130.1.0.1 - Authentication Bypass by Spoofing

CVE-2023-31424 HIGH

Brocade SANnav <2.3.0-2.2.2a - Auth Bypass

CVE-2023-30950 MEDIUM

Palantir Foundry Campaigns Service - Information Disclosure

CVE-2023-38173 MEDIUM

Microsoft Edge Chromium < 115.0.1901.183 - Authentication Bypass by Spoofing

CVE-2023-35392 MEDIUM

Microsoft Edge Chromium < 115.0.1901.183 - Authentication Bypass by Spoofing

CVE-2023-34329 CRITICAL

AMI MegaRAC SP-X - Authentication Bypass via HTTP Header Spoofing

CVE-2023-36883 MEDIUM

Microsoft Edge for iOS < 114.0.1823.82 - Spoofing

CVE-2023-27199 MEDIUM

PAX Technology A930 PayDroid - Code Injection

CVE-2023-22814 CRITICAL

Western Digital My Cloud OS 5.02.104-5.26.202 - Authentication Bypass via Token Spoofing

CVE-2023-29147 MEDIUM

Malwarebytes EDR <1.0.11 - Privilege Escalation

CVE-2023-3243 HIGH

Honeywell Alerton BCM-WEB 3.3.X - Authentication Bypass via Session Hash Spoofing

CVE-2023-27964 MEDIUM

AirPods Firmware - Authentication Bypass via Bluetooth Device Spoofing

CVE-2023-3128 CRITICAL

Grafana 6.7.0-8.5.26 and 9.4.0-9.4.12 - Authentication Bypass via Azure AD Email Claim Spoofing

CVE-2023-34167 MEDIUM

Huawei EMUI - Authentication Bypass by Spoofing via Trustlist Manipulation

CVE-2023-34160 MEDIUM

Huawei EMUI - Authentication Bypass by Spoofing via Trustlist Manipulation

CVE-2023-34158 MEDIUM

Huawei EMUI - Authentication Bypass by Spoofing via Trustlist Manipulation

CVE-2023-34157 CRITICAL

HarmonyOS < 2.0 - Authentication Bypass by Spoofing via HwWatchHealth Hijacking

CVE-2023-33140 MEDIUM

Microsoft OneNote - Authentication Bypass by Spoofing

CVE-2023-2807 MEDIUM

Pandora FMS < 772 - Unauthenticated Authentication Bypass via Password Reset Spoofing

CVE-2023-2001 MEDIUM

GitLab < 15.10.8, 15.11 < 15.11.7, 16.0 < 16.0.2 - Authentication Bypass by Spoofing via Protected Tag

CVE-2023-32207 HIGH

Firefox < 113.0 and Firefox ESR < 102.11 - Authentication Bypass via Popup Notification Spoofing

CVE-2023-25743 HIGH

Firefox Focus - Authentication Bypass by Spoofing via Fullscreen Mode

CVE-2023-2887 CRITICAL

Chatbot <4.0.3.4-4.0.3.7 - Auth Bypass

CVE-2023-29334 MEDIUM

Microsoft Edge Chromium < 112.0.1722.48 - Authentication Bypass by Spoofing

CVE-2023-24935 MEDIUM

Microsoft Edge Chromium < 112.0.5615.49 - Authentication Bypass by Spoofing

Previous Page 15 of 24 Next

Details

Vulnerabilities 576

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy