VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
> Improper Authentication
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2025-02-04
CVE-2025-0890
**UNSUPPORTED WHEN ASSIGNED** Insecure default credentials for the Telnet function in the legacy DSL CPE Zyxel VMG4325-B10A firmware version 1.00(AAFR.4)C0_20170615 could allow an attacker to log in to the management interface if the administrators have the option to change the default credentials but fail to do so.
network
low complexity
CWE-287
critical
9.8
9.8
2025-01-08
CVE-2023-52955
Improper Authentication vulnerability in Huawei Emui and Harmonyos
Vulnerability of improper authentication in the ANS system service module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.
network
low complexity
huawei
CWE-287
7.5
7.5
2025-01-08
CVE-2024-56445
Improper Authentication vulnerability in Huawei Harmonyos 5.0.0
Instruction authentication bypass vulnerability in the Findnetwork module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.
network
low complexity
huawei
CWE-287
5.3
5.3
2025-01-07
CVE-2024-12264
The PayU CommercePro Plugin plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 3.8.3.
network
low complexity
CWE-287
critical
9.8
9.8
2024-12-18
CVE-2024-12287
The Biagiotti Membership plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.0.2.
network
low complexity
CWE-287
critical
9.8
9.8
2024-12-12
CVE-2024-10111
The OAuth Single Sign On – SSO (OAuth Client) plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 6.26.3.
network
high complexity
CWE-287
8.1
8.1
2024-12-12
CVE-2024-11015
The Sign In With Google plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.8.0.
network
low complexity
CWE-287
critical
9.8
9.8
2024-12-11
CVE-2024-47761
Improper Authentication vulnerability in Glpi-Project Glpi
GLPI is a free asset and IT management software package.
network
low complexity
glpi-project
CWE-287
7.2
7.2
2024-11-26
CVE-2016-10394
Improper Authentication vulnerability in Qualcomm products
Initial xbl_sec revision does not have all the debug policy features and critical checks.
local
low complexity
qualcomm
CWE-287
7.8
7.8
2024-11-26
CVE-2018-11952
Improper Authentication vulnerability in Qualcomm products
An image with a version lower than the fuse version may potentially be booted lead to improper authentication.
local
low complexity
qualcomm
CWE-287
7.8
7.8
«
Previous
1
2
(current)
3
4
5
...
200
201
»
Next