Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-28 | CVE-2013-4863 | Improper Authentication vulnerability in Micasaverde Veralite Firmware 1.5.408 The HomeAutomationGateway service in MiCasaVerde VeraLite with firmware 1.5.408 allows (1) remote attackers to execute arbitrary Lua code via a RunLua action in a request to upnp/control/hag on port 49451 or (2) remote authenticated users to execute arbitrary Lua code via a RunLua action in a request to port_49451/upnp/control/hag. | 8.8 |
| 2020-01-28 | CVE-2019-15585 | Improper Authentication vulnerability in Gitlab Improper authentication exists in < 12.3.2, < 12.2.6, and < 12.1.12 for GitLab Community Edition (CE) and Enterprise Edition (EE) in the GitLab SAML integration had a validation issue that permitted an attacker to takeover another user's account. | 9.8 |
| 2020-01-27 | CVE-2019-19825 | Improper Authentication vulnerability in Totolink products On certain TOTOLINK Realtek SDK based routers, the CAPTCHA text can be retrieved via an {"topicurl":"setting/getSanvas"} POST to the boafrm/formLogin URI, leading to a CAPTCHA bypass. | 9.8 |
| 2020-01-27 | CVE-2013-4462 | Improper Authentication vulnerability in Portable PHPmyadmin Project Portable PHPmyadmin WordPress Portable phpMyAdmin Plugin has an authentication bypass vulnerability | 9.1 |
| 2020-01-24 | CVE-2013-1596 | Improper Authentication vulnerability in Vivotek Pt7135 Firmware 0300A/0400A An Authentication Bypass Vulnerability exists in Vivotek PT7135 IP Camera 0300a and 0400a via specially crafted RTSP packets to TCP port 554. | 5.3 |
| 2020-01-24 | CVE-2012-6451 | Improper Authentication vulnerability in Lorextechnology Lnc104 Firmware and Lnc116 Firmware Lorex LNC116 and LNC104 IP Cameras have a Remote Authentication Bypass Vulnerability | 9.8 |
| 2020-01-21 | CVE-2020-1788 | Improper Authentication vulnerability in Huawei Honor V30 Firmware Honor V30 smartphones with versions earlier than 10.0.1.135(C00E130R4P1) have an improper authentication vulnerability. | 5.5 |
| 2020-01-21 | CVE-2020-1840 | Improper Authentication vulnerability in Huawei Mate 20 Firmware HUAWEI Mate 20 smart phones with versions earlier than 10.0.0.175(C00E70R3P8) have an insufficient authentication vulnerability. | 6.0 |
| 2020-01-18 | CVE-2020-7222 | Improper Authentication vulnerability in Amcrest web Server 2.520.Ac00.18.R An issue was discovered in Amcrest Web Server 2.520.AC00.18.R 2017-06-29 WEB 3.2.1.453504. | 5.3 |
| 2020-01-16 | CVE-2019-3997 | Improper Authentication vulnerability in Simplisafe SS3 Firmware 1.0/1.3 Authentication bypass using an alternate path or channel in SimpliSafe SS3 firmware 1.0-1.3 allows a local, unauthenticated attacker to pair a rogue keypad to an armed system. | 4.6 |