Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-24 | CVE-2012-6451 | Improper Authentication vulnerability in Lorextechnology Lnc104 Firmware and Lnc116 Firmware Lorex LNC116 and LNC104 IP Cameras have a Remote Authentication Bypass Vulnerability | 9.8 |
| 2020-01-21 | CVE-2020-1788 | Improper Authentication vulnerability in Huawei Honor V30 Firmware Honor V30 smartphones with versions earlier than 10.0.1.135(C00E130R4P1) have an improper authentication vulnerability. | 5.5 |
| 2020-01-21 | CVE-2020-1840 | Improper Authentication vulnerability in Huawei Mate 20 Firmware HUAWEI Mate 20 smart phones with versions earlier than 10.0.0.175(C00E70R3P8) have an insufficient authentication vulnerability. | 6.0 |
| 2020-01-18 | CVE-2020-7222 | Improper Authentication vulnerability in Amcrest web Server 2.520.Ac00.18.R An issue was discovered in Amcrest Web Server 2.520.AC00.18.R 2017-06-29 WEB 3.2.1.453504. | 5.3 |
| 2020-01-16 | CVE-2019-3997 | Improper Authentication vulnerability in Simplisafe SS3 Firmware 1.0/1.3 Authentication bypass using an alternate path or channel in SimpliSafe SS3 firmware 1.0-1.3 allows a local, unauthenticated attacker to pair a rogue keypad to an armed system. | 4.6 |
| 2020-01-15 | CVE-2019-19857 | Improper Authentication vulnerability in Serpico Project Serpico 1.3.0 An issue was discovered in Serpico (aka SimplE RePort wrIting and CollaboratiOn tool) 1.3.0. | 6.5 |
| 2020-01-10 | CVE-2012-3824 | Improper Authentication vulnerability in Arialsoftware Campaign Enterprise In Arial Campaign Enterprise before 11.0.551, multiple pages are accessible without authentication or authorization. | 7.5 |
| 2020-01-10 | CVE-2014-5081 | Improper Authentication vulnerability in multiple products sphider prior to 1.3.6, sphider-pro prior to 3.2, and sphider-plus prior to 3.2 allow authentication bypass | 9.8 |
| 2020-01-09 | CVE-2012-2714 | Improper Authentication vulnerability in Browserid Project Browserid 7.X1.0/7.X1.1/7.X1.2 The BrowserID (Mozilla Persona) module 7.x-1.x before 7.x-1.3 for Drupal allows remote attackers to hijack the authentication of arbitrary users via the audience identifier. | 9.8 |
| 2020-01-09 | CVE-2012-1258 | Improper Authentication vulnerability in Plixer Scrutinizer Netflow & Sflow Analyzer 5.0.2/8.6.2.16204 cgi-bin/userprefs.cgi in Plixer International Scrutinizer NetFlow & sFlow Analyzer before 9.0.1.19899 does not validate user permissions, which allow remote attackers to add user accounts with administrator privileges via the newuser, pwd, and selectedUserGroup parameters. | 6.5 |