Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-06-05 | CVE-2018-7123 | Improper Authentication vulnerability in HP Intelligent Management Center A remote denial of service vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. | 7.5 |
| 2019-06-05 | CVE-2018-7121 | Improper Authentication vulnerability in HP Intelligent Management Center A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. | 9.8 |
| 2019-06-05 | CVE-2018-18571 | Improper Authentication vulnerability in Citrix Xenmobile Server 10.8.0/10.9.0 An Incorrect Access Control vulnerability has been identified in Citrix XenMobile Server 10.8.0 before Rolling Patch 6 and 10.9.0 before Rolling Patch 3. | 9.1 |
| 2019-06-04 | CVE-2019-5298 | Improper Authentication vulnerability in Huawei Ap4050Dn-E Firmware There is an improper authentication vulnerability in some Huawei AP products before version V200R009C00SPC800. | 6.8 |
| 2019-06-03 | CVE-2019-12564 | Improper Authentication vulnerability in Douco Douphp 1.5 In DouCo DouPHP v1.5 Release 20190516, remote attackers can view the database backup file via a brute-force guessing approach for data/backup/DyyyymmddThhmmss.sql filenames. | 9.8 |
| 2019-06-02 | CVE-2019-12530 | Improper Authentication vulnerability in Glpi Dashboard Project Glpi Dashboard Incorrect access control was discovered in the stdonato Dashboard plugin through 0.9.7 for GLPI, affecting df.php, issue.php, load.php, mem.php, traf.php, and uptime.php in front/sh. | 9.8 |
| 2019-05-29 | CVE-2019-12440 | Improper Authentication vulnerability in Sitecore Rocks The Sitecore Rocks plugin before 2.1.149 for Sitecore allows an unauthenticated threat actor to inject malicious commands and code via the Sitecore Rocks Hard Rocks Service. | 9.8 |
| 2019-05-28 | CVE-2019-12395 | Improper Authentication vulnerability in Dynmap Project Dynmap In Webbukkit Dynmap 3.0-beta-3 or below, due to a missing login check in servlet/MapStorageHandler.java, an attacker can see a map image without login even if victim enables login-required in setting. | 5.3 |
| 2019-05-24 | CVE-2018-12013 | Improper Authentication vulnerability in Qualcomm products Improper authentication in locked memory region can lead to unprivilged access to the memory in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9206, MDM9607, MDM9650, MDM9655, QCS605, SD 210/SD 212/SD 205, SD 410/12, SD 615/16/SD 415, SD 636, SD 712 / SD 710 / SD 670, SD 835, SD 845 / SD 850, SD 8CX, SDA660, SDM630, SDM660, SXR1130 | 7.8 |
| 2019-05-24 | CVE-2018-11271 | Improper Authentication vulnerability in Qualcomm products Improper authentication can happen on Remote command handling due to inappropriate handling of events in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Wearables in MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SM7150, Snapdragon_High_Med_2016, SXR1130 | 9.8 |