Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-27 | CVE-2023-4641 | Improper Authentication vulnerability in multiple products A flaw was found in shadow-utils. | 5.5 |
| 2023-12-26 | CVE-2023-6155 | Improper Authentication vulnerability in Ays-Pro Quiz Maker The Quiz Maker WordPress plugin before 6.4.9.5 does not adequately authorize the `ays_quiz_author_user_search` AJAX action, allowing an unauthenticated attacker to perform a search for users of the system, ultimately leaking user email addresses. | 5.3 |
| 2023-12-25 | CVE-2022-34267 | Improper Authentication vulnerability in RWS Worldserver An issue was discovered in RWS WorldServer before 11.7.3. | 9.8 |
| 2023-12-25 | CVE-2023-31224 | Improper Authentication vulnerability in Jamf There is broken access control during authentication in Jamf Pro Server before 10.46.1. | 9.8 |
| 2023-12-22 | CVE-2023-50714 | Improper Authentication vulnerability in Yiiframework Yii2-Authclient yii2-authclient is an extension that adds OpenID, OAuth, OAuth2 and OpenId Connect consumers for the Yii framework 2.0. | 8.8 |
| 2023-12-22 | CVE-2023-51708 | Improper Authentication vulnerability in Bentley products Bentley eB System Management Console applications within Assetwise Integrity Information Server allow an unauthenticated user to view configuration options via a crafted request, leading to information disclosure. | 8.6 |
| 2023-12-21 | CVE-2023-6847 | Improper Authentication vulnerability in Github Enterprise Server An improper authentication vulnerability was identified in GitHub Enterprise Server that allowed a bypass of Private Mode by using a specially crafted API request. | 7.5 |
| 2023-12-18 | CVE-2023-6483 | Improper Authentication vulnerability in Aditaas Allied Digital Integrated Tool-As-A-Service 5.1 The vulnerability exists in ADiTaaS (Allied Digital Integrated Tool-as-a-Service) version 5.1 due to an improper authentication vulnerability in the ADiTaaS backend API. | 9.8 |
| 2023-12-13 | CVE-2023-49646 | Improper Authentication vulnerability in Zoom products Improper authentication in some Zoom clients before version 5.16.5 may allow an authenticated user to conduct a denial of service via network access. | 6.5 |
| 2023-12-13 | CVE-2023-45801 | Improper Authentication vulnerability in Nadatel products Improper Authentication vulnerability in Nadatel DVR allows Information Elicitation.This issue affects DVR: from 3.0.0 before 9.9.0. | 7.5 |