Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-15 | CVE-2023-43582 | Improper Authentication vulnerability in Zoom products Improper authorization in some Zoom clients may allow an authorized user to conduct an escalation of privilege via network access. | 8.8 |
| 2023-11-14 | CVE-2023-47127 | Improper Authentication vulnerability in Typo3 TYPO3 is an open source PHP based web content management system released under the GNU GPL. | 5.4 |
| 2023-11-14 | CVE-2023-22663 | Improper Authentication vulnerability in Intel Unison Software 20.14.2.3053/20.14.4244 Improper authentication for some Intel Unison software may allow an authenticated user to potentially enable escalation of privilege via network access. | 8.8 |
| 2023-11-14 | CVE-2023-28377 | Improper Authentication vulnerability in Intel USB Firmware Improper authentication in some Intel(R) NUC Kit NUC11PH USB firmware installation software before version 1.1 for Windows may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2023-11-14 | CVE-2023-32661 | Improper Authentication vulnerability in Intel Realtek SD Card Reader Driver Improper authentication in some Intel(R) NUC Kits NUC7PJYH and NUC7CJYH Realtek* SD Card Reader Driver installation software before version 10.0.19041.29098 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2023-11-09 | CVE-2023-29975 | Improper Authentication vulnerability in Pfsense 2.6.0 An issue discovered in Pfsense CE version 2.6.0 allows attackers to change the password of any user without verification. | 7.2 |
| 2023-11-09 | CVE-2023-4612 | Improper Authentication vulnerability in Apereo Central Authentication Service Improper Authentication vulnerability in Apereo CAS in jakarta.servlet.http.HttpServletRequest.getRemoteAddr method allows Multi-Factor Authentication bypass.This issue affects CAS: through 7.0.0-RC7. | 9.8 |
| 2023-11-07 | CVE-2023-42531 | Improper Authentication vulnerability in Samsung Android 11.0/12.0 Improper access control vulnerability in SmsController prior to SMR Nov-2023 Release1 allows local attackers to bypass restrictions on starting activities from the background. | 7.1 |
| 2023-11-07 | CVE-2023-42554 | Improper Authentication vulnerability in Samsung Pass 4.0.05.1/4.2.03.1 Improper Authentication vulnerabiity in Samsung Pass prior to version 4.3.00.17 allows physical attackers to bypass authentication. | 6.8 |
| 2023-11-06 | CVE-2023-40660 | Improper Authentication vulnerability in multiple products A flaw was found in OpenSC packages that allow a potential PIN bypass. | 6.6 |