映射到 CWE-287 的搜索结果 (1103)
[原文]An information disclosure / elevation of privilege vulnerability in the BlackBerry Workspaces Server could potentially allow an attacker who has legitimate access to BlackBerry Workspaces to gain access to another user's workspace by making multiple login requests to the server.
Apache CXF 2.4.5版本和2.5.1版本中存在安全绕过漏洞。攻击者可利用此漏洞绕过UsernameToken政策并获取对受限服务的访问权。
[原文]A vulnerability in synotheme_upload.php in Synology Photo Station before 6.7.3-3432 and 6.3-2967 allows remote attackers to upload arbitrary files without authentication via the logo_upload action.
[原文]A vulnerability was discovered in Siemens SiPass integrated (All versions before V2.70) that could allow an attacker with network access to the SiPass integrated server to bypass the authentication mechanism and perform administrative operations.
[原文]A vulnerability was discovered in Siemens SIMATIC WinCC Sm@rtClient for Android (All versions before V22.214.171.124) and SIMATIC WinCC Sm@rtClient for Android Lite (All versions before V126.96.36.199). An attacker with physical access to an unlocked mobile device, that has the affected app running, could bypass the app's authentication mechanism under certain conditions.
[原文]Crypto-NAK packets in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to bypass authentication.