Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-28 | CVE-2023-48121 | Improper Authentication vulnerability in Ezviz products An authentication bypass vulnerability in the Direct Connection Module in Ezviz CS-C6N-xxx prior to v5.3.x build 20230401, Ezviz CS-CV310-xxx prior to v5.3.x build 20230401, Ezviz CS-C6CN-xxx prior to v5.3.x build 20230401, Ezviz CS-C3N-xxx prior to v5.3.x build 20230401 allows remote attackers to obtain sensitive information by sending crafted messages to the affected devices. | 5.3 |
| 2023-11-28 | CVE-2023-41264 | Improper Authentication vulnerability in Netwrix Usercube Netwrix Usercube before 6.0.215, in certain misconfigured on-premises installations, allows authentication bypass on deployment endpoints, leading to privilege escalation. | 9.8 |
| 2023-11-27 | CVE-2023-41999 | Improper Authentication vulnerability in Arcserve UDP An authentication bypass exists in Arcserve UDP prior to version 9.2. | 9.8 |
| 2023-11-27 | CVE-2023-6329 | Improper Authentication vulnerability in Controlid Idsecure 4.7.32.0 An authentication bypass vulnerability exists in Control iD iDSecure v4.7.32.0. | 9.8 |
| 2023-11-22 | CVE-2023-2437 | Improper Authentication vulnerability in Userproplugin Userpro The UserPro plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 5.1.1. | 8.1 |
| 2023-11-21 | CVE-2023-49105 | Improper Authentication vulnerability in Owncloud An issue was discovered in ownCloud owncloud/core before 10.13.1. | 9.8 |
| 2023-11-20 | CVE-2023-29155 | Improper Authentication vulnerability in Inea ME RTU Firmware 3.36/3.36B Versions of INEA ME RTU firmware 3.36b and prior do not require authentication to the "root" account on the host system of the device. | 9.8 |
| 2023-11-15 | CVE-2023-41442 | Improper Authentication vulnerability in Kloudq products An issue in Kloudq Technologies Limited Tor Equip 1.0, Tor Loco Mini 1.0 through 3.1 allows a remote attacker to execute arbitrary code via a crafted request to the MQTT component. | 9.8 |
| 2023-11-15 | CVE-2023-43582 | Improper Authentication vulnerability in Zoom products Improper authorization in some Zoom clients may allow an authorized user to conduct an escalation of privilege via network access. | 8.8 |
| 2023-11-14 | CVE-2023-47127 | Improper Authentication vulnerability in Typo3 TYPO3 is an open source PHP based web content management system released under the GNU GPL. | 5.4 |