Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-07 | CVE-2019-14432 | Improper Authentication vulnerability in Loom 0.16.0 Incorrect authentication of application WebSocket connections in Loom Desktop for Mac up to 0.16.0 allows remote code execution from either malicious JavaScript in a browser or hosts on the same network, during periods in which a user is recording a video with the application. | 8.8 |
| 2019-08-06 | CVE-2019-14705 | Improper Authentication vulnerability in Microdigital products An Incorrect Access Control issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5 because any valid cookie can be used to make requests as an admin. | 7.2 |
| 2019-08-06 | CVE-2019-5679 | Improper Authentication vulnerability in Nvidia Shield Experience NVIDIA Shield TV Experience prior to v8.0, NVIDIA Tegra bootloader contains a vulnerability in nvtboot where the Trusted OS image is improperly authenticated, which may lead to code execution, denial of service, escalation of privileges, and information disclosure, code execution, denial of service, or escalation of privileges | 7.8 |
| 2019-08-02 | CVE-2019-7163 | Improper Authentication vulnerability in TCL Alcatel Linkzone Firmware Mw40Vv1.0Mw40Lu02.0002 The web interface of Alcatel LINKZONE MW40-V-V1.0 MW40_LU_02.00_02 devices is vulnerable to an authentication bypass that allows an unauthenticated user to have access to the web interface without knowing the administrator's password. | 9.8 |
| 2019-08-02 | CVE-2018-1987 | Improper Authentication vulnerability in IBM Data Protection IBM Spectrum Protect for Enterprise Resource Planning 7.1 and 8.1, if tracing is activated, the IBM Spectrum Protect node password may be displayed in plain text in the ERP trace file. | 7.8 |
| 2019-08-01 | CVE-2016-10826 | Improper Authentication vulnerability in Cpanel cPanel before 55.9999.141 allows attackers to bypass Two Factor Authentication via DNS clustering requests (SEC-93). | 8.8 |
| 2019-08-01 | CVE-2018-20937 | Improper Authentication vulnerability in Cpanel cPanel before 68.0.27 does not validate database and dbuser names during renames (SEC-321). | 4.3 |
| 2019-08-01 | CVE-2016-10835 | Improper Authentication vulnerability in Cpanel cPanel before 55.9999.141 allows a POP/IMAP cPHulk bypass via account name munging (SEC-107). | 4.3 |
| 2019-08-01 | CVE-2016-10833 | Improper Authentication vulnerability in Cpanel cPanel before 55.9999.141 mishandles username-based blocking for PRE requests in cPHulkd (SEC-104). | 7.5 |
| 2019-08-01 | CVE-2016-10832 | Improper Authentication vulnerability in Cpanel cPanel before 55.9999.141 allows FTP cPHulk bypass via account name munging (SEC-102). | 6.5 |