Vulnerabilities (CVE)

Filtered by CWE-287
Total 4226 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2001-1585 1 Openbsd 1 Openssh 2026-06-16 6.8 MEDIUM N/A
SSH protocol 2 (aka SSH-2) public key authentication in the development snapshot of OpenSSH 2.3.1, available from 2001-01-18 through 2001-02-08, does not perform a challenge-response step to ensure that the client has the proper private key, which allows remote attackers to bypass authentication as other users by supplying a public key from that user's authorized_keys file.
CVE-2001-0537 1 Cisco 1 Ios 2026-06-16 9.3 HIGH N/A
HTTP server for Cisco IOS 11.3 to 12.2 allows attackers to bypass authentication and execute arbitrary commands, when local authorization is being used, by specifying a high access level in the URL.
CVE-1999-0987 1 Microsoft 1 Windows Nt 2026-06-16 10.0 HIGH N/A
Windows NT does not properly download a system policy if the domain user logs into the domain with a space at the end of the domain name.
CVE-1999-0680 1 Microsoft 1 Terminal Server 2026-06-16 5.0 MEDIUM N/A
Windows NT Terminal Server performs extra work when a client opens a new connection but before it is authenticated, allowing for a denial of service.
CVE-1999-0366 1 Microsoft 1 Windows Nt 2026-06-16 7.5 HIGH N/A
In some cases, Service Pack 4 for Windows NT 4.0 can allow access to network shares using a blank password, through a problem with a null NT hash value.
CVE-2008-1683 2024-04-16 N/A N/A
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-0887. Reason: This candidate is a duplicate of CVE-2008-0887. Notes: All CVE users should reference CVE-2008-0887 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage