Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-07 | CVE-2023-42531 | Improper Authentication vulnerability in Samsung Android 11.0/12.0 Improper access control vulnerability in SmsController prior to SMR Nov-2023 Release1 allows local attackers to bypass restrictions on starting activities from the background. | 7.1 |
| 2023-11-07 | CVE-2023-42554 | Improper Authentication vulnerability in Samsung Pass 4.0.05.1/4.2.03.1 Improper Authentication vulnerabiity in Samsung Pass prior to version 4.3.00.17 allows physical attackers to bypass authentication. | 6.8 |
| 2023-11-06 | CVE-2023-40660 | Improper Authentication vulnerability in multiple products A flaw was found in OpenSC packages that allow a potential PIN bypass. | 6.6 |
| 2023-11-04 | CVE-2023-46963 | Improper Authentication vulnerability in Kaoshifeng Yunfan Learning Examination System 6.5 An issue in Beijing Yunfan Internet Technology Co., Ltd, Yunfan Learning Examination System v.6.5 allows a remote attacker to obtain sensitive information via the password parameter in the login function. | 5.3 |
| 2023-11-03 | CVE-2022-44569 | Improper Authentication vulnerability in Ivanti Automation A locally authenticated attacker with low privileges can bypass authentication due to insecure inter-process communication. | 7.8 |
| 2023-11-02 | CVE-2023-26455 | Improper Authentication vulnerability in Open-Xchange Appsuite RMI was not requiring authentication when calling ChronosRMIService:setEventOrganizer. | 7.8 |
| 2023-11-02 | CVE-2023-46327 | Improper Authentication vulnerability in multiple products Multiple MFPs (multifunction printers) provided by FUJIFILM Business Innovation Corp. | 5.9 |
| 2023-10-30 | CVE-2023-21297 | Improper Authentication vulnerability in Google Android In SEPolicy, there is a possible way to access the factory MAC address due to a permissions bypass. | 4.4 |
| 2023-10-30 | CVE-2023-21307 | Improper Authentication vulnerability in Google Android In Bluetooth, there is a possible way for a paired Bluetooth device to access a long term identifier for an Android device due to a permissions bypass. | 5.0 |
| 2023-10-30 | CVE-2023-5844 | Improper Authentication vulnerability in Pimcore Admin Classic Bundle Unverified Password Change in GitHub repository pimcore/admin-ui-classic-bundle prior to 1.2.0. | 7.2 |