Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-09-09 | CVE-2019-5473 | Improper Authentication vulnerability in Gitlab 12.0.4/12.1.2 An authentication issue was discovered in GitLab that allowed a bypass of email verification. | 7.2 |
| 2019-09-09 | CVE-2019-12405 | Improper Authentication vulnerability in Apache Traffic Control 3.0.0/3.0.1 Improper authentication is possible in Apache Traffic Control versions 3.0.0 and 3.0.1 if LDAP is enabled for login in the Traffic Ops API component. | 9.8 |
| 2019-09-05 | CVE-2019-13188 | Improper Authentication vulnerability in ENG Knowage In Knowage through 6.1.1, an unauthenticated user can bypass access controls and access the entire application. | 9.8 |
| 2019-09-05 | CVE-2019-13361 | Improper Authentication vulnerability in Smanos W100 Firmware 1.0.0 Smanos W100 1.0.0 devices have Insecure Permissions, exploitable by an attacker on the same Wi-Fi network. | 6.5 |
| 2019-09-05 | CVE-2019-13190 | Improper Authentication vulnerability in ENG Knowage 6.1.0/6.1.1 In Knowage through 6.1.1, the sign up page does not invalidate a valid CAPTCHA token. | 5.3 |
| 2019-08-30 | CVE-2019-13526 | Improper Authentication vulnerability in Datalogic Av7000 Firmware Datalogic AV7000 Linear barcode scanner all versions prior to 4.6.0.0 is vulnerable to authentication bypass, which may allow an attacker to remotely execute arbitrary code. | 8.8 |
| 2019-08-29 | CVE-2019-11064 | Improper Authentication vulnerability in multiple products A vulnerability of remote credential disclosure was discovered in Advan VD-1 firmware versions up to 230. | 9.8 |
| 2019-08-28 | CVE-2019-12643 | Improper Authentication vulnerability in Cisco IOS XE 15.5(3)S3.16/16.6.5 A vulnerability in the Cisco REST API virtual service container for Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass authentication on the managed Cisco IOS XE device. | 10.0 |
| 2019-08-22 | CVE-2014-10389 | Improper Authentication vulnerability in Wpsupportplus WP Support Plus Responsive Ticket System The wp-support-plus-responsive-ticket-system plugin before 4.2 for WordPress has incorrect authentication. | 9.8 |
| 2019-08-21 | CVE-2019-1974 | Improper Authentication vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to bypass user authentication and gain access as an administrative user. | 9.8 |