Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-07 | CVE-2023-7211 | Improper Authentication vulnerability in Uniwayinfo products A vulnerability was found in Uniway Router 2.0. | 8.1 |
| 2024-01-04 | CVE-2024-20803 | Improper Authentication vulnerability in Samsung Android 11.0/12.0 Improper authentication vulnerability in Bluetooth pairing process prior to SMR Jan-2024 Release 1 allows remote attackers to establish pairing process without user interaction. | 6.5 |
| 2024-01-02 | CVE-2024-21632 | Improper Authentication vulnerability in Recognizeapp Omniauth::Microsoftgraph omniauth-microsoft_graph provides an Omniauth strategy for the Microsoft Graph API. | 9.8 |
| 2023-12-29 | CVE-2023-7079 | Improper Authentication vulnerability in Cloudflare Wrangler Sending specially crafted HTTP requests and inspector messages to Wrangler's dev server could result in any file on the user's computer being accessible over the local network. | 5.7 |
| 2023-12-29 | CVE-2023-31292 | Improper Authentication vulnerability in Sesami Cash Point & Transport Optimizer 6.3.8.6.718 An issue was discovered in Sesami Cash Point & Transport Optimizer (CPTO) 6.3.8.6 (#718), allows local attackers to obtain sensitive information and bypass authentication via "Back Button Refresh" attack. | 5.5 |
| 2023-12-27 | CVE-2023-40038 | Improper Authentication vulnerability in Arris Dg1670A Firmware and Dg860A Firmware Arris DG860A and DG1670A devices have predictable default WPA2 PSKs that could lead to unauthorized remote access. | 8.8 |
| 2023-12-27 | CVE-2023-4641 | Improper Authentication vulnerability in multiple products A flaw was found in shadow-utils. | 5.5 |
| 2023-12-26 | CVE-2023-6155 | Improper Authentication vulnerability in Ays-Pro Quiz Maker The Quiz Maker WordPress plugin before 6.4.9.5 does not adequately authorize the `ays_quiz_author_user_search` AJAX action, allowing an unauthenticated attacker to perform a search for users of the system, ultimately leaking user email addresses. | 5.3 |
| 2023-12-25 | CVE-2022-34267 | Improper Authentication vulnerability in RWS Worldserver An issue was discovered in RWS WorldServer before 11.7.3. | 9.8 |
| 2023-12-25 | CVE-2023-31224 | Improper Authentication vulnerability in Jamf There is broken access control during authentication in Jamf Pro Server before 10.46.1. | 9.8 |