Authentication Bypass by Spoofing vulnerability in ECOS System Management Appliance (aka SMA) 5.2.68 allows a man-in-the-middle attacker to compromise authentication keys and configurations via IP spo...

Velneo vClient on its 28.1.3 version, could allow an attacker with knowledge of the victims's username and hashed password to spoof the victim's id against the server.

in OpenHarmony v3.2.4 and prior versions allow a remote attacker bypass permission verification to install apps, although these require user action.

MetInfo through 5.3.17 accepts the same CAPTCHA response for 120 seconds, which makes it easier for remote attackers to bypass intended challenge requirements by modifying the client-server data strea...

A localhost.localdomain whitelist entry in valid_host() in scheduler/client.c in CUPS before 2.2.2 allows remote attackers to execute arbitrary IPP commands by sending POST requests to the CUPS daemon...

An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier. Hostname-based security is open to DNS spoofing.