Vulnerabilities > Improper Authentication

DATE CVE VULNERABILITY TITLE RISK
2024-04-29 CVE-2024-4303 ArmorX Android APP's multi-factor authentication (MFA) for the login function is not properly implemented.
network
low complexity
CWE-287
8.8
2024-03-12 CVE-2023-46717 Improper Authentication vulnerability in Fortinet Fortios
An improper authentication vulnerability [CWE-287] in FortiOS versions 7.4.1 and below, versions 7.2.6 and below, and versions 7.0.12 and below when configured with FortiAuthenticator in HA may allow a readonly user to gain read-write access via successive login attempts.
network
low complexity
fortinet CWE-287
8.8
2024-03-08 CVE-2024-21899 Improper Authentication vulnerability in Qnap QTS and Quts Hero
An improper authentication vulnerability has been reported to affect several QNAP operating system versions.
network
low complexity
qnap CWE-287
critical
9.8
2024-02-22 CVE-2023-52160 Improper Authentication vulnerability in multiple products
The implementation of PEAP in wpa_supplicant through 2.10 allows authentication bypass.
network
low complexity
w1-fi debian redhat fedoraproject CWE-287
6.5
2024-02-22 CVE-2023-52161 Improper Authentication vulnerability in Intel Inet Wireless Daemon
The Access Point functionality in eapol_auth_key_handle in eapol.c in iNet wireless daemon (IWD) before 2.14 allows attackers to gain unauthorized access to a protected Wi-Fi network.
network
low complexity
intel CWE-287
7.5
2024-02-15 CVE-2024-20738 Improper Authentication vulnerability in Adobe Framemaker Publishing Server 2020/2022
Adobe FrameMaker Publishing Server versions 2022.1 and earlier are affected by an Improper Authentication vulnerability that could result in a Security feature bypass.
network
low complexity
adobe CWE-287
critical
9.8
2024-02-13 CVE-2024-23813 A vulnerability has been identified in Polarion ALM (All versions < V2404.0).
network
low complexity
CWE-287
7.3
2024-02-09 CVE-2024-25313 Improper Authentication vulnerability in Code-Projects Simple School Management System 1.0
Code-projects Simple School Managment System 1.0 allows Authentication Bypass via the username and password parameters at School/teacher_login.php.
network
low complexity
code-projects CWE-287
8.8
2024-02-09 CVE-2023-51761 Improper Authentication vulnerability in Emerson products
In Emerson Rosemount GC370XA, GC700XA, and GC1500XA products, an unauthenticated user with network access could bypass authentication and acquire admin capabilities.
network
high complexity
emerson CWE-287
8.1
2024-02-08 CVE-2024-24496 Improper Authentication vulnerability in Remyandrade Daily Habit Tracker 1.0
An issue in Daily Habit Tracker v.1.0 allows a remote attacker to manipulate trackers via the home.php, add-tracker.php, delete-tracker.php, update-tracker.php components.
network
low complexity
remyandrade CWE-287
critical
9.8