Vulnerabilities > Improper Authentication
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-11-13 | CVE-2019-5233 | Improper Authentication vulnerability in Huawei Taurus-Al00B Firmware 10.0.0.41(Sp2C00E41R3P2) Huawei smartphones with versions earlier than Taurus-AL00B 10.0.0.41(SP2C00E41R3P2) have an improper authentication vulnerability. | 8.8 |
2019-11-12 | CVE-2019-5213 | Improper Authentication vulnerability in Huawei Honor Play Firmware 9.1.0.333(C00E333R1P1T8)/Cornellal00A9.0.0.156(C00E156R1P13T8) Honor play smartphones with versions earlier than Cornell-AL00A 9.1.0.321(C00E320R1P1T8) have an insufficient authentication vulnerability. | 2.4 |
2019-11-12 | CVE-2019-18848 | Improper Authentication vulnerability in multiple products The json-jwt gem before 1.11.0 for Ruby lacks an element count during the splitting of a JWE string. | 7.5 |
2019-11-06 | CVE-2011-4628 | Improper Authentication vulnerability in Typo3 TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to bypass authentication mechanisms in the backend through a crafted request. | 9.8 |
2019-11-05 | CVE-2019-8108 | Improper Authentication vulnerability in Magento Insecure authentication and session management vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. | 6.5 |
2019-11-05 | CVE-2013-5123 | Improper Authentication vulnerability in multiple products The mirroring support (-M, --use-mirrors) in Python Pip before 1.5 uses insecure DNS querying and authenticity checks which allows attackers to perform man-in-the-middle attacks. | 5.9 |
2019-11-05 | CVE-2019-1980 | Improper Authentication vulnerability in Cisco products A vulnerability in the protocol detection component of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an unauthenticated, remote attacker to bypass filtering protections. | 5.3 |
2019-11-05 | CVE-2019-1877 | Improper Authentication vulnerability in Cisco Enterprise Chat and Email 11.6(1)Es9 A vulnerability in the HTTP API of Cisco Enterprise Chat and Email could allow an unauthenticated, remote attacker to download files attached through chat sessions. | 6.5 |
2019-11-02 | CVE-2019-18661 | Improper Authentication vulnerability in Fastweb Fastgate Firmware 1.0.1B Fastweb FASTGate 1.0.1b devices allow partial authentication bypass by changing a certain check_pwd return value from 0 to 1. | 7.5 |
2019-10-31 | CVE-2018-4064 | Improper Authentication vulnerability in Sierrawireless Airlink Es450 Firmware 4.9.3 An exploitable unverified password change vulnerability exists in the ACEManager upload.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. | 7.1 |