Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-22 | CVE-2020-11796 | Improper Authentication vulnerability in Jetbrains Space In JetBrains Space through 2020-04-22, the password authentication implementation was insecure. | 9.8 |
| 2020-04-21 | CVE-2020-5268 | Improper Authentication vulnerability in Sustainsys Saml2 In Saml2 Authentication Services for ASP.NET versions before 1.0.2, and between 2.0.0 and 2.6.0, there is a vulnerability in how tokens are validated in some cases. | 7.3 |
| 2020-04-21 | CVE-2020-11965 | Improper Authentication vulnerability in Evenroute Iqrouter Firmware 3.3.1 In IQrouter through 3.3.1, there is a root user without a password, which allows attackers to gain full remote access via SSH. | 9.8 |
| 2020-04-21 | CVE-2020-11964 | Improper Authentication vulnerability in Evenroute Iqrouter Firmware 3.3.1 In IQrouter through 3.3.1, the Lua function diag_set_password in the web-panel allows remote attackers to change the root password arbitrarily. | 7.5 |
| 2020-04-20 | CVE-2020-9277 | Improper Authentication vulnerability in Dlink Dsl-2640B Firmware Eu4.01B An issue was discovered on D-Link DSL-2640B B2 EU_4.01B devices. | 9.8 |
| 2020-04-20 | CVE-2020-9070 | Improper Authentication vulnerability in Huawei Taurus-Al00B Firmware 10.0.0.133(C00E132R5P1)/10.0.0.203(C00E201R7P2)/10.0.0.41(Sp2C00E41R3P2) Huawei smartphones Taurus-AL00B with versions earlier than 10.0.0.205(C00E201R7P2) have an improper authentication vulnerability. | 5.5 |
| 2020-04-20 | CVE-2020-1803 | Improper Authentication vulnerability in Huawei Honor V20 Firmware Huawei smartphones Honor V20 with versions earlier than 10.0.0.179(C636E3R4P3),versions earlier than 10.0.0.180(C185E3R3P3),versions earlier than 10.0.0.180(C432E10R3P4) have an information disclosure vulnerability. | 5.3 |
| 2020-04-20 | CVE-2017-18850 | Improper Authentication vulnerability in Netgear products Certain NETGEAR devices are affected by authentication bypass. | 8.4 |
| 2020-04-19 | CVE-2019-20786 | Improper Authentication vulnerability in Pion Dtls handleIncomingPacket in conn.go in Pion DTLS before 1.5.2 lacks a check for application data with epoch 0, which allows remote attackers to inject arbitrary unencrypted data after handshake completion. | 9.8 |
| 2020-04-15 | CVE-2020-7276 | Improper Authentication vulnerability in Mcafee Endpoint Security Authentication bypass vulnerability in MfeUpgradeTool in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 April 2020 Update allows administrator users to access policy settings via running this tool. | 6.7 |