Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-27 | CVE-2017-12195 | Improper Authentication vulnerability in Redhat Openshift Container Platform A flaw was found in all Openshift Enterprise versions using the openshift elasticsearch plugin. | 4.8 |
| 2018-07-27 | CVE-2018-6686 | Improper Authentication vulnerability in Mcafee Drive Encryption Authentication Bypass vulnerability in TPM autoboot in McAfee Drive Encryption (MDE) 7.1.0 and above allows physically proximate attackers to bypass local security protection via specific set of circumstances. | 6.6 |
| 2018-07-26 | CVE-2017-12610 | Improper Authentication vulnerability in Apache Kafka In Apache Kafka 0.10.0.0 to 0.10.2.1 and 0.11.0.0 to 0.11.0.1, authenticated Kafka clients may use impersonation via a manually crafted protocol message with SASL/PLAIN or SASL/SCRAM authentication when using the built-in PLAIN or SCRAM server implementations in Apache Kafka. | 6.8 |
| 2018-07-25 | CVE-2018-11491 | Improper Authentication vulnerability in Asus Hg100 Firmware 1.05.12 ASUS HG100 devices with firmware before 1.05.12 allow unauthenticated access, leading to remote command execution. | 9.8 |
| 2018-07-24 | CVE-2018-8859 | Improper Authentication vulnerability in Echelon products Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON 100 all versions, and i.LON 600 all versions. | 9.8 |
| 2018-07-20 | CVE-2018-12804 | Improper Authentication vulnerability in Adobe Connect Adobe Connect versions 9.7.5 and earlier have an Authentication Bypass vulnerability. | 9.8 |
| 2018-07-16 | CVE-2017-2638 | Improper Authentication vulnerability in multiple products It was found that the REST API in Infinispan before version 9.0.0 did not properly enforce auth constraints. | 6.5 |
| 2018-07-13 | CVE-2016-9497 | Improper Authentication vulnerability in Hughes products Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, is vulnerable to an authentication bypass using an alternate path or channel. | 8.8 |
| 2018-07-13 | CVE-2016-9482 | Improper Authentication vulnerability in Jqueryform PHP Formmail Generator Code generated by PHP FormMail Generator may allow a remote unauthenticated user to bypass authentication in the to access the administrator panel by navigating directly to /admin.php?mod=admin&func=panel | 9.8 |
| 2018-07-13 | CVE-2016-6549 | Improper Authentication vulnerability in Nutspace NUT Mobile The Zizai Tech Nut device allows unauthenticated Bluetooth pairing, which enables unauthenticated connected applications to write data to the device name attribute. | 4.3 |