Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-290

CWE-290

Authentication Bypass by Spoofing

Parent: CWE-1390 - Weak Authentication

This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks.

578 vulnerabilities with CWE-290

CVE-2019-16871 CRITICAL

Beckhoff TwinCAT < 3.1 - Remote Code Execution via ADS Protocol

CVE-2019-18259 CRITICAL

Omron PLC CJ and CS Firmware - Authentication Bypass by Spoofing

CVE-2019-16766 HIGH

wagtail-2fa < 1.3.0 - Authentication Bypass via URL Manipulation

CVE-2019-13715 MEDIUM

Google Chrome < 78.0.3904.70 - Domain Spoofing via IDN Homographs in Omnibox

CVE-2019-13709 MEDIUM

Google Chrome <78.0.3904.70 - Auth Bypass

CVE-2019-13708 MEDIUM

Google Chrome < 78.0.3904.70 - Authentication Bypass by Spoofing via Omnibox Manipulation

CVE-2019-13704 MEDIUM

Google Chrome < 78.0.3904.70 - Content Security Policy Bypass via Crafted HTML Page

CVE-2019-13703 MEDIUM

Google Chrome <78.0.3904.70 - Info Disclosure

CVE-2019-13701 MEDIUM

Google Chrome < 78.0.3904.70 - URL Spoofing via Omnibox Manipulation

CVE-2019-0388 MEDIUM

SAP UI5 - Content Manipulation via Insufficient URL Validation

CVE-2019-1234 HIGH

Azure Stack - Authentication Bypass by Spoofing via Request Validation Failure

CVE-2019-18659 MEDIUM

Wireless Emergency Alerts Protocol - Presidential Alert Spoofing

CVE-2019-1357 MEDIUM

Internet Explorer - Authentication Bypass via Cookie Handling

CVE-2019-1318 MEDIUM

Windows - Authentication Bypass via TLS Non-EMS Session Spoofing

CVE-2019-0608 MEDIUM

Internet Explorer - Spoofing via HTTP Content Parsing

CVE-2019-15022 HIGH

Zingbox Inspector < 1.294 - ARP Spoofing Authentication Bypass

CVE-2019-16378 CRITICAL

OpenDMARC <1.3.2, <1.4.0-Beta1 - Signature Bypass

CVE-2019-3884 MEDIUM

OpenShift 3.6-3.11, 4.1 - Authentication Bypass via UUID Spoofing

CVE-2019-0283 HIGH

SAP NetWeaver Process Integration - Digital Signature Spoofing via PI Axis Adapter

CVE-2019-10875 MEDIUM

Mi Browser and Mint Browser - URL Spoofing via Query Parameter Handling

CVE-2019-3775 HIGH

Cloud Foundry UAA < 70.0 - Authenticated User Impersonation via Email Address Spoofing

CVE-2018-25361 MEDIUM

Soroush IM Desktop App 0.17.0 Authentication Bypass via Database Injection

CVE-2018-25318 CRITICAL

Tenda FH303/A300 V5.07.68_EN Cookie Session Weakness DNS Change

CVE-2018-25317 CRITICAL

Tenda W3002R/A302/W309R V5.07.64_en Cookie Session Weakness DNS Change

CVE-2018-25316 CRITICAL

Tenda W308R v2 V5.07.48 Cookie Session Weakness DNS Change

Previous Page 22 of 24 Next

Details

Vulnerabilities 578

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy