Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-08-07 | CVE-2020-16169 | Improper Authentication vulnerability in Robotemi Robox OS 117.21/119.24 Authentication Bypass Using an Alternate Path or Channel in temi Robox OS prior to120, temi Android app up to 1.3.7931 allows remote attackers to gain elevated privileges on the temi and have it automatically answer the attacker's calls, granting audio, video, and motor control via unspecified vectors. | 9.8 |
| 2020-08-06 | CVE-2020-13365 | Improper Authentication vulnerability in Zyxel products Certain Zyxel products have a locally accessible binary that allows a non-root user to generate a password for an undocumented user account that can be used for a TELNET session as root. | 8.8 |
| 2020-08-05 | CVE-2020-5608 | Improper Authentication vulnerability in Yokogawa products CAMS for HIS CENTUM CS 3000 (includes CENTUM CS 3000 Small) R3.08.10 to R3.09.50, CENTUM VP (includes CENTUM VP Small, Basic) R4.01.00 to R6.07.00, B/M9000CS R5.04.01 to R5.05.01, and B/M9000 VP R6.01.01 to R8.03.01 allows a remote unauthenticated attacker to bypass authentication and send altered communication packets via unspecified vectors. | 9.8 |
| 2020-08-04 | CVE-2020-5616 | Improper Authentication vulnerability in multiple products [Calendar01], [Calendar02], [PKOBO-News01], [PKOBO-vote01], [Telop01], [Gallery01], [CalendarForm01], and [Link01] [Calendar01] free edition ver1.0.0, [Calendar02] free edition ver1.0.0, [PKOBO-News01] free edition ver1.0.3 and earlier, [PKOBO-vote01] free edition ver1.0.1 and earlier, [Telop01] free edition ver1.0.0, [Gallery01] free edition ver1.0.3 and earlier, [CalendarForm01] free edition ver1.0.3 and earlier, and [Link01] free edition ver1.0.0 allows remote attackers to bypass authentication and log in to the product with administrative privileges via unspecified vectors. network low complexity calendar02-project calendar01-project link01-project calendarform01-project gallery01-project telop01-project pkobo-vote01-project pkobo-news01-project CWE-287 critical | 9.8 |
| 2020-08-03 | CVE-2020-8108 | Improper Authentication vulnerability in Bitdefender Endpoint Security Improper Authentication vulnerability in Bitdefender Endpoint Security for Mac allows an unprivileged process to restart the main service and potentially inject third-party code into a trusted process. | 8.8 |
| 2020-07-31 | CVE-2020-5384 | Improper Authentication vulnerability in RSA Multifactor Authentication Agent 2.0 Authentication Bypass Vulnerability RSA MFA Agent 2.0 for Microsoft Windows contains an Authentication Bypass vulnerability. | 8.4 |
| 2020-07-30 | CVE-2020-14158 | Improper Authentication vulnerability in Abus Secvest Hybrid Fumo50110 Firmware The ABUS Secvest FUMO50110 hybrid module does not have any security mechanism that ensures confidentiality or integrity of RF packets that are exchanged with an alarm panel. | 9.1 |
| 2020-07-30 | CVE-2020-8206 | Improper Authentication vulnerability in multiple products An improper authentication vulnerability exists in Pulse Connect Secure <9.1RB that allows an attacker with a users primary credentials to bypass the Google TOTP. | 8.1 |
| 2020-07-29 | CVE-2019-20033 | Improper Authentication vulnerability in NEC Sv8100 Firmware On Aspire-derived NEC PBXes, including all versions of SV8100 devices, a set of documented, static login credentials may be used to access the DIM interface. | 9.8 |
| 2020-07-29 | CVE-2019-20027 | Improper Authentication vulnerability in NEC products Aspire-derived NEC PBXes, including the SV8100, SV9100, SL1100 and SL2100 with software releases 7.0 or higher contain the possibility if incorrectly configured to allow a blank username and password combination to be entered as a valid, successfully authenticating account. | 9.8 |