Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-09 | CVE-2023-29975 | Improper Authentication vulnerability in Pfsense 2.6.0 An issue discovered in Pfsense CE version 2.6.0 allows attackers to change the password of any user without verification. | 7.2 |
| 2023-11-09 | CVE-2023-4612 | Improper Authentication vulnerability in Apereo Central Authentication Service Improper Authentication vulnerability in Apereo CAS in jakarta.servlet.http.HttpServletRequest.getRemoteAddr method allows Multi-Factor Authentication bypass.This issue affects CAS: through 7.0.0-RC7. | 9.8 |
| 2023-11-07 | CVE-2023-42531 | Improper Authentication vulnerability in Samsung Android 11.0/12.0 Improper access control vulnerability in SmsController prior to SMR Nov-2023 Release1 allows local attackers to bypass restrictions on starting activities from the background. | 7.1 |
| 2023-11-07 | CVE-2023-42554 | Improper Authentication vulnerability in Samsung Pass 4.0.05.1/4.2.03.1 Improper Authentication vulnerabiity in Samsung Pass prior to version 4.3.00.17 allows physical attackers to bypass authentication. | 6.8 |
| 2023-11-06 | CVE-2023-39345 | Improper Authentication vulnerability in Strapi strapi is an open-source headless CMS. | 7.5 |
| 2023-11-06 | CVE-2023-40660 | Improper Authentication vulnerability in multiple products A flaw was found in OpenSC packages that allow a potential PIN bypass. | 6.6 |
| 2023-11-04 | CVE-2023-46963 | Improper Authentication vulnerability in Kaoshifeng Yunfan Learning Examination System 6.5 An issue in Beijing Yunfan Internet Technology Co., Ltd, Yunfan Learning Examination System v.6.5 allows a remote attacker to obtain sensitive information via the password parameter in the login function. | 5.3 |
| 2023-11-03 | CVE-2022-44569 | Improper Authentication vulnerability in Ivanti Automation A locally authenticated attacker with low privileges can bypass authentication due to insecure inter-process communication. | 7.8 |
| 2023-11-02 | CVE-2023-26455 | Improper Authentication vulnerability in Open-Xchange Appsuite RMI was not requiring authentication when calling ChronosRMIService:setEventOrganizer. | 7.8 |
| 2023-11-02 | CVE-2023-46327 | Improper Authentication vulnerability in multiple products Multiple MFPs (multifunction printers) provided by FUJIFILM Business Innovation Corp. | 5.9 |