Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-12 | CVE-2023-49262 | Improper Authentication vulnerability in Hongdian H8951-4G-Esp Firmware The authentication mechanism can be bypassed by overflowing the value of the Cookie "authentication" field, provided there is an active user session. | 9.8 |
| 2024-01-12 | CVE-2023-50919 | Improper Authentication vulnerability in Gl-Inet products An issue was discovered on GL.iNet devices before version 4.5.0. | 9.8 |
| 2024-01-11 | CVE-2023-50127 | Improper Authentication vulnerability in Hozard Alarm System 1.0 Hozard alarm system (Alarmsysteem) v1.0 is vulnerable to Improper Authentication. | 5.9 |
| 2024-01-10 | CVE-2024-21638 | Improper Authentication vulnerability in Microsoft Azure Ipam Azure IPAM (IP Address Management) is a lightweight solution developed on top of the Azure platform designed to help Azure customers manage their IP Address space easily and effectively. | 9.8 |
| 2024-01-10 | CVE-2023-48257 | Improper Authentication vulnerability in Bosch Nexo-Os 1000/1500Sp2 The vulnerability allows a remote attacker to access sensitive data inside exported packages or obtain up to Remote Code Execution (RCE) with root privileges on the device. | 8.8 |
| 2024-01-09 | CVE-2023-5376 | Improper Authentication vulnerability in Korenix products An Improper Authentication vulnerability in Korenix JetNet TFTP allows abuse of this service. This issue affects JetNet devices older than firmware version 2024/01. | 9.1 |
| 2024-01-09 | CVE-2023-51717 | Improper Authentication vulnerability in Dataiku Data Science Studio Dataiku DSS before 11.4.5 and 12.4.1 has Incorrect Access Control that could lead to a full authentication bypass. | 9.8 |
| 2024-01-07 | CVE-2023-7211 | Improper Authentication vulnerability in Uniwayinfo products A vulnerability was found in Uniway Router 2.0. | 8.1 |
| 2024-01-04 | CVE-2024-20803 | Improper Authentication vulnerability in Samsung Android 11.0/12.0 Improper authentication vulnerability in Bluetooth pairing process prior to SMR Jan-2024 Release 1 allows remote attackers to establish pairing process without user interaction. | 6.5 |
| 2023-12-29 | CVE-2023-7079 | Improper Authentication vulnerability in Cloudflare Wrangler Sending specially crafted HTTP requests and inspector messages to Wrangler's dev server could result in any file on the user's computer being accessible over the local network. | 5.7 |