Total
152 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-36128 | 1 Paxtechnology | 1 Paxstore | 2021-05-13 | 6.4 MEDIUM | 8.2 HIGH |
| Pax Technology PAXSTORE v7.0.8_20200511171508 and lower is affected by a token spoofing vulnerability. Each payment terminal has a session token (called X-Terminal-Token) to access the marketplace. This allows the store to identify the terminal and make available the applications distributed by its reseller. By intercepting HTTPS traffic from the application store, it is possible to collect the request responsible for assigning the X-Terminal-Token to the terminal, which makes it possible to craft an X-Terminal-Token pretending to be another device. An attacker can use this behavior to authenticate its own payment terminal in the application store through token impersonation. | |||||
| CVE-2021-29441 | 1 Alibaba | 1 Nacos | 2021-05-07 | 7.5 HIGH | 9.8 CRITICAL |
| Nacos is a platform designed for dynamic service discovery and configuration and service management. In Nacos before version 1.4.1, when configured to use authentication (-Dnacos.core.auth.enabled=true) Nacos uses the AuthFilter servlet filter to enforce authentication. This filter has a backdoor that enables Nacos servers to bypass this filter and therefore skip authentication checks. This mechanism relies on the user-agent HTTP header so it can be easily spoofed. This issue may allow any user to carry out any administrative tasks on the Nacos server. | |||||
| CVE-2021-21492 | 1 Sap | 1 Netweaver Application Server Java | 2021-04-20 | 4.3 MEDIUM | 4.3 MEDIUM |
| SAP NetWeaver Application Server Java(HTTP Service), versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently validate logon group in URLs, resulting in a content spoofing vulnerability when directory listing is enabled. | |||||
| CVE-2021-21134 | 3 Apple, Google, Microsoft | 3 Iphone Os, Chrome, Edge Chromium | 2021-03-08 | 4.3 MEDIUM | 6.5 MEDIUM |
| Incorrect security UI in Page Info in Google Chrome on iOS prior to 88.0.4324.96 allowed a remote attacker to spoof security UI via a crafted HTML page. | |||||
| CVE-2019-25023 | 1 Scytl | 1 Secure Vote | 2021-03-05 | 6.4 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in Scytl sVote 2.1. Because the IP address from an X-Forwarded-For header (which can be manipulated client-side) is used for the internal application logs, an attacker can inject wrong IP addresses into these logs. | |||||
| CVE-2021-21310 | 1 Nextauth.js | 1 Next-auth | 2021-02-19 | 4.3 MEDIUM | 5.9 MEDIUM |
| NextAuth.js (next-auth) is am open source authentication solution for Next.js applications. In next-auth before version 3.3.0 there is a token verification vulnerability. Implementations using the Prisma database adapter in conjunction with the Email provider are impacted. Implementations using the Email provider with the default database adapter are not impacted. Implementations using the Prisma database adapter but not using the Email provider are not impacted. The Prisma database adapter was checking the verification token, but was not verifying the email address associated with that token. This made it possible to use a valid token to sign in as another user when using the Prima adapter in conjunction with the Email provider. This issue is specific to the community supported Prisma adapter. This issue is fixed in version 3.3.0. | |||||
| CVE-2020-27276 | 1 Sooil | 6 Anydana-a, Anydana-a Firmware, Anydana-i and 3 more | 2021-01-22 | 2.9 LOW | 5.7 MEDIUM |
| SOOIL Developments Co Ltd DiabecareRS,AnyDana-i & AnyDana-A, the communication protocol of the insulin pump and its AnyDana-i & AnyDana-A mobile apps doesn't use adequate measures to authenticate the communicating entities before exchanging keys, which allows unauthenticated, physically proximate attackers to eavesdrop the authentication sequence via Bluetooth Low Energy. | |||||
| CVE-2021-1677 | 1 Microsoft | 1 Azure Kubernetes Service | 2021-01-20 | 2.1 LOW | 5.5 MEDIUM |
| Azure Active Directory Pod Identity Spoofing Vulnerability | |||||
| CVE-2020-26276 | 1 Fleetdm | 1 Fleet | 2020-12-18 | 6.8 MEDIUM | 9.8 CRITICAL |
| Fleet is an open source osquery manager. In Fleet before version 3.5.1, due to issues in Go's standard library XML parsing, a valid SAML response may be mutated by an attacker to modify the trusted document. This can result in allowing unverified logins from a SAML IdP. Users that configure Fleet with SSO login may be vulnerable to this issue. This issue is patched in 3.5.1. The fix was made using https://github.com/mattermost/xml-roundtrip-validator If upgrade to 3.5.1 is not possible, users should disable SSO authentication in Fleet. | |||||
| CVE-2020-28856 | 1 Openasset | 1 Digital Asset Management | 2020-12-15 | 5.0 MEDIUM | 7.5 HIGH |
| OpenAsset Digital Asset Management (DAM) through 12.0.19 does not correctly determine the HTTP request's originating IP address, allowing attackers to spoof it using X-Forwarded-For in the header, by supplying localhost address such as 127.0.0.1, effectively bypassing all IP address based access controls. | |||||
| CVE-2020-26254 | 1 Omniauth-apple Project | 1 Omniauth-apple | 2020-12-10 | 5.0 MEDIUM | 7.7 HIGH |
| omniauth-apple is the OmniAuth strategy for "Sign In with Apple" (RubyGem omniauth-apple). In omniauth-apple before version 1.0.1 attackers can fake their email address during authentication. This vulnerability impacts applications using the omniauth-apple strategy of OmniAuth and using the info.email field of OmniAuth's Auth Hash Schema for any kind of identification. The value of this field may be set to any value of the attacker's choice including email addresses of other users. Applications not using info.email for identification but are instead using the uid field are not impacted in the same manner. Note, these applications may still be negatively affected if the value of info.email is being used for other purposes. Applications using affected versions of omniauth-apple are advised to upgrade to omniauth-apple version 1.0.1 or later. | |||||
| CVE-2020-7326 | 1 Mcafee | 1 Active Response | 2020-11-03 | 4.6 MEDIUM | 6.7 MEDIUM |
| Improperly implemented security check in McAfee Active Response (MAR) prior to 2.4.4 may allow local administrators to execute malicious code via stopping a core Windows service leaving McAfee core trust component in an inconsistent state resulting in MAR failing open rather than closed | |||||
| CVE-2020-4864 | 1 Ibm | 1 Resilient Security Orchestration Automation And Response | 2020-10-30 | 3.3 LOW | 4.3 MEDIUM |
| IBM Resilient SOAR V38.0 could allow an attacker on the internal net work to provide the server with a spoofed source IP address. IBM X-Force ID: 190567. | |||||
| CVE-2020-24375 | 1 Free | 3 Freebox Server, Freebox V5, Freebox V5 Firmware | 2020-10-27 | 4.3 MEDIUM | 6.5 MEDIUM |
| A DNS rebinding vulnerability in the UPnP MediaServer implementation in Freebox Server before 4.2.3. | |||||
| CVE-2018-5354 | 1 Anixis | 1 Password Reset Client | 2020-10-20 | 5.8 MEDIUM | 8.8 HIGH |
| The custom GINA/CP module in ANIXIS Password Reset Client before version 3.22 allows remote attackers to execute code and escalate privileges via spoofing. When the client is configured to use HTTP, it does not authenticate the intended server before opening a browser window. An unauthenticated attacker capable of conducting a spoofing attack can redirect the browser to gain execution in the context of the WinLogon.exe process. If Network Level Authentication is not enforced, the vulnerability can be exploited via RDP. | |||||
| CVE-2018-5353 | 1 Zohocorp | 1 Manageengine Adselfservice Plus | 2020-10-15 | 7.5 HIGH | 9.8 CRITICAL |
| The custom GINA/CP module in Zoho ManageEngine ADSelfService Plus before 5.5 build 5517 allows remote attackers to execute code and escalate privileges via spoofing. It does not authenticate the intended server before opening a browser window. An unauthenticated attacker capable of conducting a spoofing attack can redirect the browser to gain execution in the context of the WinLogon.exe process. If Network Level Authentication is not enforced, the vulnerability can be exploited via RDP. Additionally, if the web server has a misconfigured certificate then no spoofing attack is required | |||||
| CVE-2019-16378 | 1 Trusteddomain | 1 Opendmarc | 2020-10-13 | 7.5 HIGH | 9.8 CRITICAL |
| OpenDMARC through 1.3.2 and 1.4.x through 1.4.0-Beta1 is prone to a signature-bypass vulnerability with multiple From: addresses, which might affect applications that consider a domain name to be relevant to the origin of an e-mail message. | |||||
| CVE-2019-0283 | 1 Sap | 1 Netweaver Process Integration | 2020-08-24 | 5.5 MEDIUM | 7.1 HIGH |
| SAP NetWeaver Process Integration (Adapter Engine), fixed in versions 7.10 to 7.11, 7.30, 7.31, 7.40, 7.50; is vulnerable to Digital Signature Spoofing. It is possible to spoof XML signatures and send arbitrary requests to the server via PI Axis adapter. These requests will be accepted by the PI Axis adapter even if the payload has been altered, especially when the signed element is the body of the xml document. | |||||
| CVE-2018-12331 | 1 Ecos | 1 System Management Appliance | 2020-08-24 | 5.8 MEDIUM | 7.4 HIGH |
| Authentication Bypass by Spoofing vulnerability in ECOS System Management Appliance (aka SMA) 5.2.68 allows a man-in-the-middle attacker to compromise authentication keys and configurations via IP spoofing during "Easy Enrollment." | |||||
| CVE-2018-16483 | 1 Express-cart Project | 1 Express-cart | 2020-08-24 | 6.5 MEDIUM | 8.8 HIGH |
| A deficiency in the access control in module express-cart <=1.1.5 allows unprivileged users to add new users to the application as administrators. | |||||