Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-14 | CVE-2023-22663 | Improper Authentication vulnerability in Intel Unison Software 20.14.2.3053/20.14.4244 Improper authentication for some Intel Unison software may allow an authenticated user to potentially enable escalation of privilege via network access. | 8.8 |
| 2023-11-14 | CVE-2023-28377 | Improper Authentication vulnerability in Intel USB Firmware Improper authentication in some Intel(R) NUC Kit NUC11PH USB firmware installation software before version 1.1 for Windows may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2023-11-14 | CVE-2023-32661 | Improper Authentication vulnerability in Intel Realtek SD Card Reader Driver Improper authentication in some Intel(R) NUC Kits NUC7PJYH and NUC7CJYH Realtek* SD Card Reader Driver installation software before version 10.0.19041.29098 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2023-11-09 | CVE-2023-29975 | Improper Authentication vulnerability in Pfsense 2.6.0 An issue discovered in Pfsense CE version 2.6.0 allows attackers to change the password of any user without verification. | 7.2 |
| 2023-11-09 | CVE-2023-4612 | Improper Authentication vulnerability in Apereo Central Authentication Service Improper Authentication vulnerability in Apereo CAS in jakarta.servlet.http.HttpServletRequest.getRemoteAddr method allows Multi-Factor Authentication bypass.This issue affects CAS: through 7.0.0-RC7. | 9.8 |
| 2023-11-07 | CVE-2023-42531 | Improper Authentication vulnerability in Samsung Android 11.0/12.0 Improper access control vulnerability in SmsController prior to SMR Nov-2023 Release1 allows local attackers to bypass restrictions on starting activities from the background. | 7.1 |
| 2023-11-07 | CVE-2023-42554 | Improper Authentication vulnerability in Samsung Pass 4.0.05.1/4.2.03.1 Improper Authentication vulnerabiity in Samsung Pass prior to version 4.3.00.17 allows physical attackers to bypass authentication. | 6.8 |
| 2023-11-06 | CVE-2023-40660 | Improper Authentication vulnerability in multiple products A flaw was found in OpenSC packages that allow a potential PIN bypass. | 6.6 |
| 2023-11-04 | CVE-2023-46963 | Improper Authentication vulnerability in Kaoshifeng Yunfan Learning Examination System 6.5 An issue in Beijing Yunfan Internet Technology Co., Ltd, Yunfan Learning Examination System v.6.5 allows a remote attacker to obtain sensitive information via the password parameter in the login function. | 5.3 |
| 2023-11-03 | CVE-2022-44569 | Improper Authentication vulnerability in Ivanti Automation A locally authenticated attacker with low privileges can bypass authentication due to insecure inter-process communication. | 7.8 |