Vulnerabilities > Improper Authentication

DATE CVE VULNERABILITY TITLE RISK
2020-02-05 CVE-2013-2681 Improper Authentication vulnerability in Cisco Linksys E4200 Firmware 1.0.05
Cisco Linksys E4200 1.0.05 Build 7 devices contain a Security Bypass Vulnerability which could allow remote attackers to gain unauthorized access.
network
low complexity
cisco CWE-287
critical
9.8
2020-02-05 CVE-2015-0102 Improper Authentication vulnerability in IBM Workflow
IBM Workflow for Bluemix does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session.
network
low complexity
ibm CWE-287
8.1
2020-02-04 CVE-2019-15615 Improper Authentication vulnerability in Nextcloud
A wrong check for the system time in the Android App 3.9.0 causes a bypass of the lock protection when changing the time of the system to the past.
low complexity
nextcloud CWE-287
6.1
2020-02-04 CVE-2013-7051 Improper Authentication vulnerability in Dlink Dir-100 Firmware 4.03B07
D-Link DIR-100 4.03B07: cli.cgi security bypass due to failure to check authentication parameters
network
low complexity
dlink CWE-287
8.8
2020-02-03 CVE-2020-8591 Improper Authentication vulnerability in Eginnovations EG Manager 7.1.2
eG Manager 7.1.2 allows authentication bypass via a com.egurkha.EgLoginServlet?uname=admin&upass=&accessKey=eGm0n1t0r request.
network
low complexity
eginnovations CWE-287
critical
9.8
2020-02-03 CVE-2020-8510 Improper Authentication vulnerability in PHPabook Project PHPabook 0.9
An issue was discovered in phpABook 0.9 Intermediate.
network
low complexity
phpabook-project CWE-287
critical
9.8
2020-01-31 CVE-2016-2032 Improper Authentication vulnerability in Arubanetworks Aruba Instant and Arubaos
A vulnerability exists in the Aruba AirWave Management Platform 8.x prior to 8.2 in the management interface of an underlying system component called RabbitMQ, which could let a malicious user obtain sensitive information.
network
low complexity
arubanetworks CWE-287
7.5
2020-01-31 CVE-2013-5116 Improper Authentication vulnerability in Evernote
Evernote prior to 5.5.1 has insecure password change
local
low complexity
evernote CWE-287
7.1
2020-01-31 CVE-2013-5114 Improper Authentication vulnerability in Logmein Lastpass
LastPass prior to 2.5.1 allows secure wipe bypass.
low complexity
logmein CWE-287
6.1
2020-01-31 CVE-2013-5112 Improper Authentication vulnerability in Evernote
Evernote before 5.5.1 has insecure PIN storage
low complexity
evernote CWE-287
4.6