映射到 CWE-287 的搜索结果 (995)

CVE-2016-0733(发布:2016-04-12 10:59:08)NM
CVSS7.5

[原文]The Admin UI in Apache Ranger before 0.5.1 does not properly handle authentication requests that lack a password, which allows remote attackers to bypass authentication by leveraging knowledge of a valid username.

CVE-2016-2245(发布:2016-03-19 11:59:01)NM
CVSS10.0

[原文]HP Support Assistant before 8.1.52.1 allows remote attackers to bypass authentication via unspecified vectors.

CVE-2016-1329(发布:2016-03-03 06:59:00)NM
CVSS10.0

[原文]Cisco NX-OS 6.0(2)U6(1) through 6.0(2)U6(5) on Nexus 3000 devices and 6.0(2)A6(1) through 6.0(2)A6(5) and 6.0(2)A7(1) on Nexus 3500 devices has hardcoded credentials, which allows remote attackers to obtain root privileges via a (1) TELNET or (2) SSH session, aka Bug ID CSCuy25800.

CVE-2015-8269(发布:2016-02-04 06:59:00)NM
CVSS6.5

[原文]The API on Fisher-Price Smart Toy Bear devices allows remote attackers to obtain sensitive information or modify data by leveraging presence in an 802.11 network's coverage area and entering an account number.

CVE-2016-0755(发布:2016-01-29 15:59:05)NMPS
CVSS5.0

[原文]The ConnectionExists function in lib/url.c in libcurl before 7.47.0 does not properly re-use NTLM-authenticated proxy connections, which might allow remote attackers to authenticate as other users via a request, a similar issue to CVE-2014-0015.

CVE-2015-7521(发布:2016-01-29 15:59:00)NMS
CVSS7.5

[原文]The authorization framework in Apache Hive 1.0.0, 1.0.1, 1.1.0, 1.1.1, 1.2.0 and 1.2.1, on clusters protected by Ranger and SqlStdHiveAuthorization, allows attackers to bypass intended parent table access restrictions via unspecified partition-level operations.

首页上一页4567891011下一页尾页 第6页 / 共166页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站