Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-12 | CVE-2024-21654 | Improper Authentication vulnerability in Rubygems Rubygems.Org 20230814 Rubygems.org is the Ruby community's gem hosting service. | 9.8 |
| 2024-01-12 | CVE-2023-46805 | Improper Authentication vulnerability in Ivanti Connect Secure and Policy Secure An authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 22.x and Ivanti Policy Secure allows a remote attacker to access restricted resources by bypassing control checks. | 8.2 |
| 2024-01-12 | CVE-2023-49262 | Improper Authentication vulnerability in Hongdian H8951-4G-Esp Firmware The authentication mechanism can be bypassed by overflowing the value of the Cookie "authentication" field, provided there is an active user session. | 9.8 |
| 2024-01-12 | CVE-2023-50919 | Improper Authentication vulnerability in Gl-Inet products An issue was discovered on GL.iNet devices before version 4.5.0. | 9.8 |
| 2024-01-11 | CVE-2023-50127 | Improper Authentication vulnerability in Hozard Alarm System 1.0 Hozard alarm system (Alarmsysteem) v1.0 is vulnerable to Improper Authentication. | 5.9 |
| 2024-01-10 | CVE-2024-21638 | Improper Authentication vulnerability in Microsoft Azure Ipam Azure IPAM (IP Address Management) is a lightweight solution developed on top of the Azure platform designed to help Azure customers manage their IP Address space easily and effectively. | 9.8 |
| 2024-01-10 | CVE-2023-48257 | Improper Authentication vulnerability in Bosch Nexo-Os 1000/1500Sp2 The vulnerability allows a remote attacker to access sensitive data inside exported packages or obtain up to Remote Code Execution (RCE) with root privileges on the device. | 8.8 |
| 2024-01-09 | CVE-2023-5376 | Improper Authentication vulnerability in Korenix products An Improper Authentication vulnerability in Korenix JetNet TFTP allows abuse of this service. This issue affects JetNet devices older than firmware version 2024/01. | 9.1 |
| 2024-01-09 | CVE-2023-51717 | Improper Authentication vulnerability in Dataiku Data Science Studio Dataiku DSS before 11.4.5 and 12.4.1 has Incorrect Access Control that could lead to a full authentication bypass. | 9.8 |
| 2024-01-07 | CVE-2023-7210 | Improper Authentication vulnerability in Onenav A vulnerability was found in OneNav up to 0.9.33. | 9.8 |