Vulnerabilities > Improper Authentication

DATE CVE VULNERABILITY TITLE RISK
2019-08-06 CVE-2019-5679 Improper Authentication vulnerability in Nvidia Shield Experience
NVIDIA Shield TV Experience prior to v8.0, NVIDIA Tegra bootloader contains a vulnerability in nvtboot where the Trusted OS image is improperly authenticated, which may lead to code execution, denial of service, escalation of privileges, and information disclosure, code execution, denial of service, or escalation of privileges
local
low complexity
nvidia CWE-287
7.8
2019-08-02 CVE-2019-7163 Improper Authentication vulnerability in TCL Alcatel Linkzone Firmware Mw40Vv1.0Mw40Lu02.0002
The web interface of Alcatel LINKZONE MW40-V-V1.0 MW40_LU_02.00_02 devices is vulnerable to an authentication bypass that allows an unauthenticated user to have access to the web interface without knowing the administrator's password.
network
low complexity
tcl CWE-287
critical
9.8
2019-08-02 CVE-2018-1987 Improper Authentication vulnerability in IBM Data Protection
IBM Spectrum Protect for Enterprise Resource Planning 7.1 and 8.1, if tracing is activated, the IBM Spectrum Protect node password may be displayed in plain text in the ERP trace file.
local
low complexity
ibm CWE-287
7.8
2019-08-01 CVE-2016-10826 Improper Authentication vulnerability in Cpanel
cPanel before 55.9999.141 allows attackers to bypass Two Factor Authentication via DNS clustering requests (SEC-93).
network
low complexity
cpanel CWE-287
8.8
2019-08-01 CVE-2018-20937 Improper Authentication vulnerability in Cpanel
cPanel before 68.0.27 does not validate database and dbuser names during renames (SEC-321).
network
low complexity
cpanel CWE-287
4.3
2019-08-01 CVE-2016-10835 Improper Authentication vulnerability in Cpanel
cPanel before 55.9999.141 allows a POP/IMAP cPHulk bypass via account name munging (SEC-107).
network
low complexity
cpanel CWE-287
4.3
2019-08-01 CVE-2016-10833 Improper Authentication vulnerability in Cpanel
cPanel before 55.9999.141 mishandles username-based blocking for PRE requests in cPHulkd (SEC-104).
network
low complexity
cpanel CWE-287
7.5
2019-08-01 CVE-2016-10832 Improper Authentication vulnerability in Cpanel
cPanel before 55.9999.141 allows FTP cPHulk bypass via account name munging (SEC-102).
network
low complexity
cpanel CWE-287
6.5
2019-08-01 CVE-2016-10831 Improper Authentication vulnerability in Cpanel
cPanel before 55.9999.141 does not perform as two-factor authentication check when possessing another account (SEC-101).
network
low complexity
cpanel CWE-287
7.2
2019-08-01 CVE-2018-20924 Improper Authentication vulnerability in Cpanel
cPanel before 70.0.23 allows arbitrary file-read and file-unlink operations via WHM style uploads (SEC-378).
network
low complexity
cpanel CWE-287
5.5