Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-30 | CVE-2018-10847 | Improper Authentication vulnerability in Prosody prosody before versions 0.10.2, 0.9.14 is vulnerable to an Authentication Bypass. | 8.8 |
| 2018-07-27 | CVE-2017-2652 | Improper Authentication vulnerability in Jenkins Distributed Fork It was found that there were no permission checks performed in the Distributed Fork plugin before and including 1.5.0 for Jenkins that provides the dist-fork CLI command beyond the basic check for Overall/Read permission, allowing anyone with that permission to run arbitrary shell commands on all connected nodes. | 8.8 |
| 2018-07-27 | CVE-2018-6686 | Improper Authentication vulnerability in Mcafee Drive Encryption Authentication Bypass vulnerability in TPM autoboot in McAfee Drive Encryption (MDE) 7.1.0 and above allows physically proximate attackers to bypass local security protection via specific set of circumstances. | 6.6 |
| 2018-07-26 | CVE-2017-12610 | Improper Authentication vulnerability in Apache Kafka In Apache Kafka 0.10.0.0 to 0.10.2.1 and 0.11.0.0 to 0.11.0.1, authenticated Kafka clients may use impersonation via a manually crafted protocol message with SASL/PLAIN or SASL/SCRAM authentication when using the built-in PLAIN or SCRAM server implementations in Apache Kafka. | 6.8 |
| 2018-07-25 | CVE-2018-11491 | Improper Authentication vulnerability in Asus Hg100 Firmware 1.05.12 ASUS HG100 devices with firmware before 1.05.12 allow unauthenticated access, leading to remote command execution. | 9.8 |
| 2018-07-24 | CVE-2018-8859 | Improper Authentication vulnerability in Echelon products Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON 100 all versions, and i.LON 600 all versions. | 9.8 |
| 2018-07-20 | CVE-2018-12804 | Improper Authentication vulnerability in Adobe Connect Adobe Connect versions 9.7.5 and earlier have an Authentication Bypass vulnerability. | 9.8 |
| 2018-07-16 | CVE-2017-2638 | Improper Authentication vulnerability in multiple products It was found that the REST API in Infinispan before version 9.0.0 did not properly enforce auth constraints. | 6.5 |
| 2018-07-13 | CVE-2016-9497 | Improper Authentication vulnerability in Hughes products Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, is vulnerable to an authentication bypass using an alternate path or channel. | 8.8 |
| 2018-07-13 | CVE-2016-9482 | Improper Authentication vulnerability in Jqueryform PHP Formmail Generator Code generated by PHP FormMail Generator may allow a remote unauthenticated user to bypass authentication in the to access the administrator panel by navigating directly to /admin.php?mod=admin&func=panel | 9.8 |