Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-09-05 | CVE-2019-13190 | Improper Authentication vulnerability in ENG Knowage 6.1.0/6.1.1 In Knowage through 6.1.1, the sign up page does not invalidate a valid CAPTCHA token. | 5.3 |
| 2019-08-30 | CVE-2019-13526 | Improper Authentication vulnerability in Datalogic Av7000 Firmware Datalogic AV7000 Linear barcode scanner all versions prior to 4.6.0.0 is vulnerable to authentication bypass, which may allow an attacker to remotely execute arbitrary code. | 8.8 |
| 2019-08-29 | CVE-2019-11064 | Improper Authentication vulnerability in multiple products A vulnerability of remote credential disclosure was discovered in Advan VD-1 firmware versions up to 230. | 9.8 |
| 2019-08-28 | CVE-2019-12643 | Improper Authentication vulnerability in Cisco IOS XE 15.5(3)S3.16/16.6.5 A vulnerability in the Cisco REST API virtual service container for Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass authentication on the managed Cisco IOS XE device. | 10.0 |
| 2019-08-22 | CVE-2014-10389 | Improper Authentication vulnerability in Wpsupportplus WP Support Plus Responsive Ticket System The wp-support-plus-responsive-ticket-system plugin before 4.2 for WordPress has incorrect authentication. | 9.8 |
| 2019-08-21 | CVE-2019-1974 | Improper Authentication vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to bypass user authentication and gain access as an administrative user. | 9.8 |
| 2019-08-21 | CVE-2019-1938 | Improper Authentication vulnerability in Cisco UCS Director and UCS Director Express for BIG Data A vulnerability in the web-based management interface of Cisco UCS Director and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrator privileges on an affected system. | 9.8 |
| 2019-08-21 | CVE-2019-1937 | Improper Authentication vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to acquire a valid session token with administrator privileges, bypassing user authentication. | 9.8 |
| 2019-08-20 | CVE-2019-6143 | Improper Authentication vulnerability in Forcepoint Next Generation Firewall Forcepoint Next Generation Firewall (Forcepoint NGFW) 6.4.x before 6.4.7, 6.5.x before 6.5.4, and 6.6.x before 6.6.2 has a serious authentication vulnerability that potentially allows unauthorized users to bypass password authentication and access services protected by the NGFW Engine. | 9.1 |
| 2019-08-15 | CVE-2019-11187 | Improper Authentication vulnerability in multiple products Incorrect Access Control in the LDAP class of GONICUS GOsa through 2019-04-11 allows an attacker to log into any account with a username containing the case-insensitive substring "success" when an arbitrary password is provided. | 9.8 |