Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-30 | CVE-2023-51982 | Improper Authentication vulnerability in Cratedb 5.5.1 CrateDB 5.5.1 is contains an authentication bypass vulnerability in the Admin UI component. | 9.8 |
| 2024-01-29 | CVE-2024-23792 | Improper Authentication vulnerability in Otrs When adding attachments to ticket comments, another user can add attachments as well impersonating the orginal user. | 6.5 |
| 2024-01-26 | CVE-2024-23629 | Improper Authentication vulnerability in Motorola Mr2600 Firmware An authentication bypass vulnerability exists in the web component of the Motorola MR2600. | 7.5 |
| 2024-01-25 | CVE-2024-0822 | Improper Authentication vulnerability in Ovirt Ovirt-Engine An authentication bypass vulnerability was found in overt-engine. | 7.5 |
| 2024-01-23 | CVE-2023-50275 | Improper Authentication vulnerability in HP Oneview HPE OneView may allow clusterService Authentication Bypass resulting in denial of service. | 7.5 |
| 2024-01-23 | CVE-2024-23219 | Improper Authentication vulnerability in Apple Ipados The issue was addressed with improved authentication. | 6.2 |
| 2024-01-13 | CVE-2023-46942 | Improper Authentication vulnerability in Evershop 1.0.0 Lack of authentication in NPM's package @evershop/evershop before version 1.0.0-rc.8, allows remote attackers to obtain sensitive information via improper authorization in GraphQL endpoints. | 7.5 |
| 2024-01-12 | CVE-2023-46805 | Improper Authentication vulnerability in Ivanti Connect Secure and Policy Secure An authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 22.x and Ivanti Policy Secure allows a remote attacker to access restricted resources by bypassing control checks. | 8.2 |
| 2024-01-12 | CVE-2023-49262 | Improper Authentication vulnerability in Hongdian H8951-4G-Esp Firmware The authentication mechanism can be bypassed by overflowing the value of the Cookie "authentication" field, provided there is an active user session. | 9.8 |
| 2024-01-12 | CVE-2023-50919 | Improper Authentication vulnerability in Gl-Inet products An issue was discovered on GL.iNet devices before version 4.5.0. | 9.8 |