Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-290

CWE-290

Authentication Bypass by Spoofing

Parent: CWE-1390 - Weak Authentication

This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks.

576 vulnerabilities with CWE-290

CVE-2022-38164 MEDIUM

F-Secure SAFE < 19.0 - URL Spoofing via Phishing Attack

CVE-2022-38712 MEDIUM

IBM WebSphere Application Server - SOAPAction Spoofing

CVE-2022-3337 MEDIUM

WARP mobile client - Info Disclosure

CVE-2022-42983 HIGH

anji-plus AJ-Report 0.9.8.6 - Authentication Bypass via JWT Token Spoofing

CVE-2022-0030 HIGH

PAN-OS 8.1.0-8.1.23 - Authentication Bypass via Web Interface Impersonation

CVE-2022-35770 MEDIUM

Windows NTLM Spoofing - Privilege Escalation

CVE-2022-34689 HIGH

Windows CryptoAPI - Authentication Bypass by Spoofing

CVE-2022-39227 CRITICAL

python-jwt < 3.3.4 - Authentication Bypass by Spoofing

CVE-2022-23949 HIGH

Keylime < 6.3.0 - Log Spoofing via Unsanitized UUID

CVE-2022-35957 MEDIUM

Grafana <9.1.6, 8.5.13 - Privilege Escalation

CVE-2022-37709 MEDIUM

Tesla Model 3 Firmware V11.0(2022.4.5.1 6b701552d7a6) - Authentication Bypass via BLE Phone Key Spoofing

CVE-2022-31149 HIGH

ActivityWatch < 0.12.0b2 - Authentication Bypass via DNS Rebinding

CVE-2022-32744 HIGH

Samba 4.3.0-4.14.13 - Authentication Bypass via Kpasswd Request Spoofing

CVE-2022-33991 MEDIUM

dproxy-nexgen - DNSSEC Protection Bypass via CD Bit Spoofing

CVE-2022-34716 MEDIUM

.NET 6.0.0-6.0.7 and .NET Core 3.1-3.1.27 - Authentication Bypass by Spoofing

CVE-2022-2324 HIGH

SonicWall Hosted Email Security <10.0.17.7319 - Info Disclosure

CVE-2022-35629 MEDIUM

Velociraptor < 0.6.5-2 - Authentication Bypass by Client ID Spoofing

CVE-2022-30319 HIGH

Honeywell Saia PG5 Controls Suite - Authentication Bypass via S-Bus UDP Spoofing

CVE-2022-2310 CRITICAL

Skyhigh SWG <10.2.12-11.2.1 - Auth Bypass

CVE-2022-1495 MEDIUM

Google Chrome < 101.0.4951.41 - Authentication Bypass by Spoofing via APK Downloads Dialog

CVE-2022-1307 MEDIUM

Google Chrome < 100.0.4896.88 - URL Spoofing via Full Screen Mode

CVE-2022-1306 MEDIUM

Google Chrome < 100.0.4896.88 - URL Spoofing via Omnibox Manipulation

CVE-2022-1129 MEDIUM

Google Chrome < 100.0.4896.60 - URL Spoofing via Full Screen Mode

CVE-2022-2368 MEDIUM

microweber < 1.2.20 - Authentication Bypass by Spoofing

CVE-2022-22476 HIGH

IBM WebSphere App Server <22.0.0.7 - Auth Bypass

Previous Page 17 of 24 Next

Details

Vulnerabilities 576

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy