Vulnerabilities > Improper Authentication

DATE CVE VULNERABILITY TITLE RISK
2022-06-24 CVE-2021-41638 Improper Authentication vulnerability in Melag FTP Server 2.2.0.4
The authentication checks of the MELAG FTP Server in version 2.2.0.4 are incomplete, which allows a remote attacker to access local files only by using a valid username.
network
low complexity
melag CWE-287
5.0
2022-06-23 CVE-2021-26637 Improper Authentication vulnerability in Shinasys products
There is no account authentication and permission check logic in the firmware and existing apps of SiHAS's SGW-300, ACM-300, GCM-300, so unauthorized users can remotely control the device.
network
low complexity
shinasys CWE-287
7.5
2022-06-23 CVE-2021-26638 Improper Authentication vulnerability in Xisnd S&D Smarthome 3.2.48
Improper Authentication vulnerability in S&D smarthome(smartcare) application can cause authentication bypass and information exposure.
network
low complexity
xisnd CWE-287
critical
10.0
2022-06-21 CVE-2022-29775 Improper Authentication vulnerability in Ispyconnect Ispy 7.2.2.0
iSpyConnect iSpy v7.2.2.0 allows attackers to bypass authentication via a crafted URL.
network
low complexity
ispyconnect CWE-287
7.5
2022-06-21 CVE-2022-33139 Improper Authentication vulnerability in Siemens Wincc Open Architecture 3.16/3.17/3.18
A vulnerability has been identified in SIMATIC WinCC OA V3.16 (All versions in default configuration), SIMATIC WinCC OA V3.17 (All versions in non-default configuration), SIMATIC WinCC OA V3.18 (All versions in non-default configuration).
network
siemens CWE-287
6.8
2022-06-17 CVE-2022-31083 Improper Authentication vulnerability in Parseplatform Parse-Server
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js.
network
low complexity
parseplatform CWE-287
5.0
2022-06-17 CVE-2022-22485 Improper Authentication vulnerability in IBM Spectrum Protect Operations Center
In some cases, an unsuccessful attempt to log into IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.14.000 does not cause the administrator's invalid sign-on count to be incremented on the IBM Spectrum Protect Server.
network
low complexity
ibm CWE-287
7.5
2022-06-17 CVE-2021-40903 Improper Authentication vulnerability in Antminer Monitor Project Antminer Monitor 0.50.0
A vulnerability in Antminer Monitor 0.50.0 exists because of backdoor or misconfiguration inside a settings file in flask server.
network
low complexity
antminer-monitor-project CWE-287
7.5
2022-06-17 CVE-2018-25043 Improper Authentication vulnerability in Bittorrent Utorrent
A vulnerability classified as critical was found in uTorrent.
6.8
2022-06-17 CVE-2020-36548 Improper Authentication vulnerability in GE Voluson S8 Firmware
A vulnerability classified as problematic has been found in GE Voluson S8.
local
low complexity
ge CWE-287
7.2