Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-22 | CVE-2017-18772 | Improper Authentication vulnerability in Netgear products Certain NETGEAR devices are affected by authentication bypass. | 8.8 |
| 2020-04-22 | CVE-2020-11796 | Improper Authentication vulnerability in Jetbrains Space In JetBrains Space through 2020-04-22, the password authentication implementation was insecure. | 9.8 |
| 2020-04-21 | CVE-2020-5268 | Improper Authentication vulnerability in Sustainsys Saml2 In Saml2 Authentication Services for ASP.NET versions before 1.0.2, and between 2.0.0 and 2.6.0, there is a vulnerability in how tokens are validated in some cases. | 7.3 |
| 2020-04-21 | CVE-2020-11965 | Improper Authentication vulnerability in Evenroute Iqrouter Firmware 3.3.1 In IQrouter through 3.3.1, there is a root user without a password, which allows attackers to gain full remote access via SSH. | 9.8 |
| 2020-04-21 | CVE-2020-11964 | Improper Authentication vulnerability in Evenroute Iqrouter Firmware 3.3.1 In IQrouter through 3.3.1, the Lua function diag_set_password in the web-panel allows remote attackers to change the root password arbitrarily. | 7.5 |
| 2020-04-20 | CVE-2020-9277 | Improper Authentication vulnerability in Dlink Dsl-2640B Firmware Eu4.01B An issue was discovered on D-Link DSL-2640B B2 EU_4.01B devices. | 9.8 |
| 2020-04-20 | CVE-2020-9070 | Improper Authentication vulnerability in Huawei Taurus-Al00B Firmware 10.0.0.133(C00E132R5P1)/10.0.0.203(C00E201R7P2)/10.0.0.41(Sp2C00E41R3P2) Huawei smartphones Taurus-AL00B with versions earlier than 10.0.0.205(C00E201R7P2) have an improper authentication vulnerability. | 5.5 |
| 2020-04-20 | CVE-2020-1803 | Improper Authentication vulnerability in Huawei Honor V20 Firmware Huawei smartphones Honor V20 with versions earlier than 10.0.0.179(C636E3R4P3),versions earlier than 10.0.0.180(C185E3R3P3),versions earlier than 10.0.0.180(C432E10R3P4) have an information disclosure vulnerability. | 5.3 |
| 2020-04-20 | CVE-2017-18850 | Improper Authentication vulnerability in Netgear products Certain NETGEAR devices are affected by authentication bypass. | 8.4 |
| 2020-04-19 | CVE-2019-20786 | Improper Authentication vulnerability in Pion Dtls handleIncomingPacket in conn.go in Pion DTLS before 1.5.2 lacks a check for application data with epoch 0, which allows remote attackers to inject arbitrary unencrypted data after handshake completion. | 9.8 |