Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-15 | CVE-2019-19857 | Improper Authentication vulnerability in Serpico Project Serpico 1.3.0 An issue was discovered in Serpico (aka SimplE RePort wrIting and CollaboratiOn tool) 1.3.0. | 6.5 |
| 2020-01-10 | CVE-2012-3824 | Improper Authentication vulnerability in Arialsoftware Campaign Enterprise In Arial Campaign Enterprise before 11.0.551, multiple pages are accessible without authentication or authorization. | 7.5 |
| 2020-01-10 | CVE-2014-5081 | Improper Authentication vulnerability in multiple products sphider prior to 1.3.6, sphider-pro prior to 3.2, and sphider-plus prior to 3.2 allow authentication bypass | 9.8 |
| 2020-01-09 | CVE-2012-2714 | Improper Authentication vulnerability in Browserid Project Browserid 7.X1.0/7.X1.1/7.X1.2 The BrowserID (Mozilla Persona) module 7.x-1.x before 7.x-1.3 for Drupal allows remote attackers to hijack the authentication of arbitrary users via the audience identifier. | 9.8 |
| 2020-01-09 | CVE-2012-1258 | Improper Authentication vulnerability in Plixer Scrutinizer Netflow & Sflow Analyzer 5.0.2/8.6.2.16204 cgi-bin/userprefs.cgi in Plixer International Scrutinizer NetFlow & sFlow Analyzer before 9.0.1.19899 does not validate user permissions, which allow remote attackers to add user accounts with administrator privileges via the newuser, pwd, and selectedUserGroup parameters. | 6.5 |
| 2020-01-09 | CVE-2020-1786 | Improper Authentication vulnerability in Huawei Mate 20 PRO Firmware HUAWEI Mate 20 Pro smartphones versions earlier than 10.0.0.175(C00E69R3P8) have an improper authentication vulnerability. | 4.6 |
| 2020-01-09 | CVE-2020-1787 | Improper Authentication vulnerability in Huawei Mate 20 Firmware 9.0.0.195(C01E195R2P1)/9.0.0.205(C00E205R2P1)/9.1.0.131(C00E131R3P1) HUAWEI Mate 20 smartphones versions earlier than 9.1.0.139(C00E133R3P1) have an improper authentication vulnerability. | 6.6 |
| 2020-01-09 | CVE-2014-2651 | Improper Authentication vulnerability in Atos products Unify OpenStage/OpenScape Desk Phone IP SIP before V3 R3.11.0 has an authentication bypass in the default mode of the Workpoint Interface | 9.8 |
| 2020-01-08 | CVE-2019-17023 | Improper Authentication vulnerability in multiple products After a HelloRetryRequest has been sent, the client may negotiate a lower protocol that TLS 1.3, resulting in an invalid state transition in the TLS State Machine. | 6.5 |
| 2020-01-08 | CVE-2019-19518 | Improper Authentication vulnerability in Broadcom CA Automic Sysload 5.6.0/6.1.2 CA Automic Sysload 5.6.0 through 6.1.2 contains a vulnerability, related to a lack of authentication on the File Server port, that potentially allows remote attackers to execute arbitrary commands. | 9.8 |