Search Vulnerabilities

User Authentication Bypass in VPN Remote Access and Mobile Access

Whitelist Validation Bypass in TP-Link Tapo C520WS

UDS Identity Config has a client authentication bypass in `ClientIdAndKubernetesSecretAuthenticator`

Improper Authentication Bypass in linqi CDN File Access

Authentication Bypass in DTS Electronics' Redline WR3200

On affected platforms running Arista EOS with 802.1x authentication configured on the access/trunk ports, a malicious supplicant may bypass authent...

Unverified Meeting Recording Endpoints & Permissive CORS

Unauthenticated eSIM Configuration Manipulation

SCREEN_CLICK Authentication Bypass

Exposed Hard-coded M3WebServer Backend API Key

Lack of MQTT Broker Topic Access Control Lists

ealpha072 Student-Management-System Administrative Backend config.php improper authentication

CloudburstMC Protocol: Partially missing validation for FULL type authentication tokens

authentik: SourceStage bypass via empty POST

authentik: `UserSourceConnection.user` and `GroupSourceConnection.group` are changeable through the API

sayan365 student-management-system improper authentication

nextlevelbuilder GoClaw Webhook Verification auth.go resolveAuth missing authentication

ARMember Premium <= 7.3.1 - Insecure Password Reset Mechanism to Unauthenticated Privilege Escalation

OTP bypass via plugin-based LDAP authentication in MISP when LDAP mixed authentication is enabled

NousResearch hermes-agent Credential Pool Synchronization credential_pool.py _sync_anthropic_entry_from_credentials_file improper authentication