Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-02-05 | CVE-2015-0102 | Improper Authentication vulnerability in IBM Workflow IBM Workflow for Bluemix does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session. | 8.1 |
| 2020-02-04 | CVE-2019-15615 | Improper Authentication vulnerability in Nextcloud A wrong check for the system time in the Android App 3.9.0 causes a bypass of the lock protection when changing the time of the system to the past. | 6.1 |
| 2020-02-04 | CVE-2013-7051 | Improper Authentication vulnerability in Dlink Dir-100 Firmware 4.03B07 D-Link DIR-100 4.03B07: cli.cgi security bypass due to failure to check authentication parameters | 8.8 |
| 2020-02-03 | CVE-2020-8591 | Improper Authentication vulnerability in Eginnovations EG Manager 7.1.2 eG Manager 7.1.2 allows authentication bypass via a com.egurkha.EgLoginServlet?uname=admin&upass=&accessKey=eGm0n1t0r request. | 9.8 |
| 2020-02-03 | CVE-2020-8510 | Improper Authentication vulnerability in PHPabook Project PHPabook 0.9 An issue was discovered in phpABook 0.9 Intermediate. | 9.8 |
| 2020-01-31 | CVE-2016-2032 | Improper Authentication vulnerability in Arubanetworks Aruba Instant and Arubaos A vulnerability exists in the Aruba AirWave Management Platform 8.x prior to 8.2 in the management interface of an underlying system component called RabbitMQ, which could let a malicious user obtain sensitive information. | 7.5 |
| 2020-01-31 | CVE-2013-5116 | Improper Authentication vulnerability in Evernote Evernote prior to 5.5.1 has insecure password change | 7.1 |
| 2020-01-31 | CVE-2013-5114 | Improper Authentication vulnerability in Logmein Lastpass LastPass prior to 2.5.1 allows secure wipe bypass. | 6.1 |
| 2020-01-31 | CVE-2013-5112 | Improper Authentication vulnerability in Evernote Evernote before 5.5.1 has insecure PIN storage | 4.6 |
| 2020-01-30 | CVE-2020-5206 | Improper Authentication vulnerability in Apereo Opencast In Opencast before 7.6 and 8.1, using a remember-me cookie with an arbitrary username can cause Opencast to assume proper authentication for that user even if the remember-me cookie was incorrect given that the attacked endpoint also allows anonymous access. | 10.0 |