Improper Authentication (CWE-287) in the LDAP authentication engine in AxxonSoft Axxon One (C-Werk) 2.0.2 and earlier on Windows allows a remote authenticated user to be denied access or misassigned r
Insufficient Session Expiration (CWE-613) in the Web Admin Panel in AxxonSoft Axxon One (C-Werk) prior to 2.0.3 on Windows allows a local or remote authenticated attacker to retain access with removed
Servision - CWE-287: Improper Authentication
CWE-287: Improper Authentication vulnerability exists that could cause an Authentication Bypass when an
unauthorized user without permission rights has physical access to the EPAS-UI computer and is a
An improper authentication vulnerability [CWE-287] in Fortinet FortiClientEMS version 7.4.0 and before 7.2.4 allows an unauthenticated attacker with the knowledge of the targeted user's FCTUID and VDO
Nefteprodukttekhnika BUK TS-G Gas Station Automation System 2.9.1 through 2.10.2 on Linux contains an Improper Authentication vulnerability (CWE-287) in the system configuration module. The /php/ajax-
The web application uses a weak authentication mechanism to verify that a request is coming from an authenticated and authorized resource.
Insertion of Sensitive Information into Log File (CWE-532) in the ARP Agent component in AxxonSoft Axxon One / AxxonNet / C-WerkNet 2.0.4 and earlier on Windows platforms allows a local attacker to ob
Improper authentication in Azure Arc allows an authorized attacker to elevate privileges locally.
Improper authentication in Microsoft Dataverse allows an authorized attacker to elevate privileges over a network.
Improper authentication in Windows Remote Desktop Protocol allows an authorized attacker to bypass a security feature locally.
Improper authentication in Windows SMB Server allows an authorized attacker to elevate privileges locally.
Improper authentication in Windows SMB Server allows an authorized attacker to elevate privileges locally.
A flaw exists in the Windows login flow where an AuthContext token can
be exploited for replay attacks and authentication bypass.
Exposure of Sensitive Information to an Unauthorized Actor (CWE-200) in the diagnostic dump component in AxxonSoft Axxon One VMS (C-Werk) 2.0.0 through 2.0.1 on Windows allows a local attacker to obta
CWE-287: Improper Authentication vulnerability exists that could cause Denial of access to the web interface
when someone on the local network repeatedly requests the /accessdenied URL.
Captive Portal can allow authentication bypass
Password guessing limits could be bypassed when using LDAP authentication.
Improper authentication in Windows NTLM allows an authorized attacker to elevate privileges over a network.
Improper authentication in Windows NTLM allows an authorized attacker to elevate privileges over a network.
Page 1+ Next →