Total
482 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-40269 | 1 Mitsubishielectric | 5 Gt25, Gt25 Firmware, Gt27 and 2 more | 2025-03-26 | 6.8 Medium |
| Authentication Bypass by Spoofing vulnerability in Mitsubishi Electric Corporation GOT2000 Series GT27 model versions 01.14.000 to 01.47.000, Mitsubishi Electric Corporation GOT2000 Series GT25 model versions 01.14.000 to 01.47.000 and Mitsubishi Electric Corporation GT SoftGOT2000 versions 1.265B to 1.285X allows a remote unauthenticated attacker to disclose sensitive information from users' browsers or spoof legitimate users by abusing inappropriate HTML attributes. | ||||
| CVE-2024-31863 | 1 Apache | 1 Zeppelin | 2025-03-25 | 5.3 Medium |
| Authentication Bypass by Spoofing vulnerability by replacing to exsiting notes in Apache Zeppelin.This issue affects Apache Zeppelin: from 0.10.1 before 0.11.0. Users are recommended to upgrade to version 0.11.0, which fixes the issue. | ||||
| CVE-2025-30110 | 2025-03-21 | 6.5 Medium | ||
| On IROAD X5 devices, a Bypass of Device Pairing can occur via MAC Address Spoofing. The dashcam's pairing mechanism relies solely on MAC address verification, allowing an attacker to bypass authentication by spoofing an already-paired MAC address that can be captured via an ARP scan. | ||||
| CVE-2024-8908 | 1 Google | 1 Chrome | 2025-03-20 | 4.3 Medium |
| Inappropriate implementation in Autofill in Google Chrome prior to 129.0.6668.58 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) | ||||
| CVE-2024-7981 | 1 Google | 1 Chrome | 2025-03-20 | 4.3 Medium |
| Inappropriate implementation in Views in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) | ||||
| CVE-2023-28452 | 1 Coredns.io | 1 Coredns | 2025-03-19 | 7.5 High |
| An issue was discovered in CoreDNS through 1.10.1. There is a vulnerability in DNS resolving software, which triggers a resolver to ignore valid responses, thus causing denial of service for normal resolution. In an exploit, the attacker could just forge a response targeting the source port of a vulnerable resolver without the need to guess the correct TXID. | ||||
| CVE-2024-41107 | 2 Apache, Apache Software Foundation | 2 Cloudstack, Apache Cloudstack | 2025-03-19 | 8.1 High |
| The CloudStack SAML authentication (disabled by default) does not enforce signature check. In CloudStack environments where SAML authentication is enabled, an attacker that initiates CloudStack SAML single sign-on authentication can bypass SAML authentication by submitting a spoofed SAML response with no signature and known or guessed username and other user details of a SAML-enabled CloudStack user-account. In such environments, this can result in a complete compromise of the resources owned and/or accessible by a SAML enabled user-account. Affected users are recommended to disable the SAML authentication plugin by setting the "saml2.enabled" global setting to "false", or upgrade to version 4.18.2.2, 4.19.1.0 or later, which addresses this issue. | ||||
| CVE-2024-8399 | 1 Mozilla | 1 Firefox Focus | 2025-03-19 | 4.7 Medium |
| Websites could utilize Javascript links to spoof URL addresses in the Focus navigation bar This vulnerability affects Focus for iOS < 130. | ||||
| CVE-2024-27853 | 1 Apple | 1 Macos | 2025-03-19 | 4.4 Medium |
| This issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.4. A maliciously crafted ZIP archive may bypass Gatekeeper checks. | ||||
| CVE-2022-4550 | 1 User Activity Project | 1 User Activity | 2025-03-18 | 7.5 High |
| The User Activity WordPress plugin through 1.0.1 checks headers such as the X-Forwarded-For to retrieve the IP address of the request, which could lead to IP spoofing | ||||
| CVE-2023-23398 | 1 Microsoft | 3 365 Apps, Excel, Office | 2025-02-28 | 7.1 High |
| Microsoft Excel Spoofing Vulnerability | ||||
| CVE-2021-31172 | 1 Microsoft | 2 Sharepoint Foundation, Sharepoint Server | 2025-02-28 | 7.1 High |
| Microsoft SharePoint Server Spoofing Vulnerability | ||||
| CVE-2021-28478 | 1 Microsoft | 2 Sharepoint Foundation, Sharepoint Server | 2025-02-28 | 7.6 High |
| Microsoft SharePoint Server Spoofing Vulnerability | ||||
| CVE-2021-26418 | 1 Microsoft | 2 Sharepoint Foundation, Sharepoint Server | 2025-02-28 | 4.6 Medium |
| Microsoft SharePoint Server Spoofing Vulnerability | ||||
| CVE-2023-38173 | 1 Microsoft | 1 Edge Chromium | 2025-02-28 | 4.3 Medium |
| Microsoft Edge for Android Spoofing Vulnerability | ||||
| CVE-2023-36883 | 1 Microsoft | 1 Edge | 2025-02-28 | 4.3 Medium |
| Microsoft Edge for iOS Spoofing Vulnerability | ||||
| CVE-2023-36769 | 1 Microsoft | 1 Onenote | 2025-02-28 | 4.6 Medium |
| Microsoft OneNote Spoofing Vulnerability | ||||
| CVE-2023-35392 | 1 Microsoft | 1 Edge Chromium | 2025-02-28 | 4.7 Medium |
| Microsoft Edge (Chromium-based) Spoofing Vulnerability | ||||
| CVE-2023-29334 | 1 Microsoft | 1 Edge Chromium | 2025-02-28 | 4.3 Medium |
| Microsoft Edge (Chromium-based) Spoofing Vulnerability | ||||
| CVE-2023-24935 | 1 Microsoft | 1 Edge Chromium | 2025-02-28 | 6.1 Medium |
| Microsoft Edge (Chromium-based) Spoofing Vulnerability | ||||