Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-02-11 | CVE-2013-2120 | Improper Authentication vulnerability in KDE Paste Applet The %{password(...)} macro in pastemacroexpander.cpp in the KDE Paste Applet before 4.10.5 in kdeplasma-addons does not properly generate passwords, which allows context-dependent attackers to bypass authentication via a brute-force attack. | 8.4 |
| 2020-02-11 | CVE-2013-5582 | Improper Authentication vulnerability in Ammyy Admin 3.2 Ammyy Admin 3.2 and earlier stores the client ID at a fixed memory location, which might make it easier for user-assisted remote attackers to bypass authentication by running a local program that extracts a field from the AA_v3.2.exe file. | 7.8 |
| 2020-02-11 | CVE-2014-9753 | Improper Authentication vulnerability in Atutor confirm.php in ATutor 2.2 and earlier allows remote attackers to bypass authentication and gain access as an existing user via the auto_login parameter. | 9.8 |
| 2020-02-11 | CVE-2013-1359 | Improper Authentication vulnerability in Sonicwall products An Authentication Bypass Vulnerability exists in DELL SonicWALL Analyzer 7.0, Global Management System (GMS) 4.1, 5.0, 5.1, 6.0, and 7.0; Universal Management Appliance (UMA) 5.1, 6.0, and 7.0 and ViewPoint 4.1, 5.0, 5.1, and 6.0 via the skipSessionCheck parameter to the UMA interface (/appliance/), which could let a remote malicious user obtain access to the root account. | 9.8 |
| 2020-02-11 | CVE-2013-1360 | Improper Authentication vulnerability in Sonicwall products An Authentication Bypass vulnerability exists in DELL SonicWALL Global Management System (GMS) 4.1, 5.0, 5.1, 6.0, and 7.0, Analyzer 7.0, Universal Management Appliance (UMA) 5.1, 6.0, and 7.0 and ViewPoint 4.1, 5.0, and 6.0 via a crafted request to the SGMS interface, which could let a remote malicious user obtain administrative access. | 9.8 |
| 2020-02-11 | CVE-2014-8347 | Improper Authentication vulnerability in Claris Filemaker PRO and Filemaker PRO Advanced An Authentication Bypass vulnerability exists in the MatchPasswordData function in DBEngine.dll in Filemaker Pro 13.03 and Filemaker Pro Advanced 12.04, which could let a malicious user obtain elevated privileges. | 7.8 |
| 2020-02-10 | CVE-2019-6744 | Improper Authentication vulnerability in Samsung Knox 1.2.02.39 This vulnerability allows local attackers to disclose sensitive information on affected installations of Samsung Knox 1.2.02.39 on Samsung Galaxy S9 build G9600ZHS3ARL1 Secure Folder. | 4.3 |
| 2020-02-10 | CVE-2019-20062 | Improper Authentication vulnerability in Mfscripts Yetishare MFScripts YetiShare v3.5.2 through v4.5.4 might allow an attacker to reset a password by using a leaked hash (the hash never expires until used). | 9.8 |
| 2020-02-10 | CVE-2017-18641 | Improper Authentication vulnerability in Linuxcontainers LXC 2.0.0 In LXC 2.0, many template scripts download code over cleartext HTTP, and omit a digital-signature check, before running it to bootstrap containers. | 8.1 |
| 2020-02-07 | CVE-2013-3096 | Improper Authentication vulnerability in Dlink Dir865L Firmware 1.03 D-Link DIR865L v1.03 suffers from an "Unauthenticated Hardware Linking" vulnerability. | 5.9 |