Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-290

CWE-290

Authentication Bypass by Spoofing

Parent: CWE-1390 - Weak Authentication

This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks.

578 vulnerabilities with CWE-290

CVE-2021-42308 LOW

Microsoft Edge Chromium < 96.0.1054.29 - Authentication Bypass by Spoofing

CVE-2021-41130 MEDIUM

Google Extensible Service Proxy ESPv1 - JWT Claim Header Authorization Bypass

CVE-2021-41753 HIGH

D-Link DIR-X1560 and DIR-X6060 Firmware - Denial of Service via Spoofed SAE Authentication Frames

CVE-2021-40824 MEDIUM

Element Android <1.2.2 - Info Disclosure

CVE-2021-40823 MEDIUM

Matrix Javascript SDK <12.4.1 - Info Disclosure

CVE-2021-40867 HIGH

NETGEAR smart switches <1.0.8.2 - Auth Bypass

CVE-2021-30621 MEDIUM

CVE-2021-30619 MEDIUM

CVE-2021-34646 CRITICAL

Booster for WooCommerce <= 5.4.3 - Authentication Bypass via Email Verification Token Weakness

CVE-2021-32076 MEDIUM

SolarWinds Web Help Desk < 12.7.2 - Authentication Bypass via Referrer Spoofing

CVE-2021-38598 CRITICAL

OpenStack Neutron <16.4.1-18.0.0 - DoS

CVE-2021-28372 HIGH

ThroughTek Kalay Platform 2.0 - Privilege Escalation

CVE-2021-32631 MEDIUM

nimble-project common - Authentication Bypass via JWT Signature Spoofing

CVE-2021-34466 MEDIUM

Windows 10 - Authentication Bypass via Windows Hello Security Feature

CVE-2021-22779 CRITICAL

Schneider-electric Ecostruxure Control Expert < 15.0 - Authentication Bypass by Spoofing

CVE-2021-34548 HIGH

Tor < 0.3.5.15 - Authentication Bypass via Forged RELAY_END or RELAY_RESOLVED

CVE-2021-28810 HIGH

Roon Server < 2021-05-18 - Authentication Bypass

CVE-2021-20278 MEDIUM

Kiali < 1.31.0 - Authentication Bypass via OpenID Implicit Flow

CVE-2021-31209 MEDIUM

Microsoft Exchange Server - Authentication Bypass by Spoofing

CVE-2021-31195 MEDIUM

Microsoft Exchange Server - Remote Code Execution

CVE-2021-31172 HIGH

Microsoft SharePoint Server - Authentication Bypass by Spoofing

CVE-2021-28478 HIGH

Microsoft SharePoint Server - Authentication Bypass by Spoofing

CVE-2021-26418 MEDIUM

Microsoft SharePoint Server - Authentication Bypass by Spoofing

CVE-2021-29441 HIGH

Nacos < 1.4.1 - Authentication Bypass via User-Agent Spoofing

CVE-2021-21216 MEDIUM

Google Chrome < 90.0.4430.72 - Authentication Bypass by Spoofing via Autofill Security UI

Previous Page 19 of 24 Next

Details

Vulnerabilities 578

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy