Vulnerabilities > Improper Authentication

DATE CVE VULNERABILITY TITLE RISK
2024-03-08 CVE-2024-21899 Improper Authentication vulnerability in Qnap QTS and Quts Hero
An improper authentication vulnerability has been reported to affect several QNAP operating system versions.
network
low complexity
qnap CWE-287
critical
9.8
2024-02-22 CVE-2023-52160 Improper Authentication vulnerability in multiple products
The implementation of PEAP in wpa_supplicant through 2.10 allows authentication bypass.
network
low complexity
w1-fi debian redhat fedoraproject CWE-287
6.5
2024-02-22 CVE-2023-52161 Improper Authentication vulnerability in Intel Inet Wireless Daemon
The Access Point functionality in eapol_auth_key_handle in eapol.c in iNet wireless daemon (IWD) before 2.14 allows attackers to gain unauthorized access to a protected Wi-Fi network.
network
low complexity
intel CWE-287
7.5
2024-02-15 CVE-2024-20738 Improper Authentication vulnerability in Adobe Framemaker Publishing Server 2020/2022
Adobe FrameMaker Publishing Server versions 2022.1 and earlier are affected by an Improper Authentication vulnerability that could result in a Security feature bypass.
network
low complexity
adobe CWE-287
critical
9.8
2024-02-13 CVE-2024-23813 A vulnerability has been identified in Polarion ALM (All versions).
network
low complexity
CWE-287
7.3
2024-02-09 CVE-2024-25313 Improper Authentication vulnerability in Code-Projects Simple School Management System 1.0
Code-projects Simple School Managment System 1.0 allows Authentication Bypass via the username and password parameters at School/teacher_login.php.
network
low complexity
code-projects CWE-287
8.8
2024-02-09 CVE-2023-51761 Improper Authentication vulnerability in Emerson products
In Emerson Rosemount GC370XA, GC700XA, and GC1500XA products, an unauthenticated user with network access could bypass authentication and acquire admin capabilities.
network
high complexity
emerson CWE-287
8.1
2024-02-08 CVE-2024-24496 Improper Authentication vulnerability in Remyandrade Daily Habit Tracker 1.0
An issue in Daily Habit Tracker v.1.0 allows a remote attacker to manipulate trackers via the home.php, add-tracker.php, delete-tracker.php, update-tracker.php components.
network
low complexity
remyandrade CWE-287
critical
9.8
2024-02-08 CVE-2024-22394 Improper Authentication vulnerability in Sonicwall Sonicos 7.1.17040
An improper authentication vulnerability has been identified in SonicWall SonicOS SSL-VPN feature, which in specific conditions could allow a remote attacker to bypass authentication.  This issue affects only firmware version SonicOS 7.1.1-7040.
network
low complexity
sonicwall CWE-287
critical
9.8
2024-02-07 CVE-2024-23806 Improper Authentication vulnerability in Hidglobal products
Sensitive data can be extracted from HID iCLASS SE reader configuration cards.
low complexity
hidglobal CWE-287
5.3