Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-26 | CVE-2024-47127 | Improper Authentication vulnerability in Gotenna PRO In the goTenna Pro App there is a vulnerability that makes it possible to inject any custom message with any GID and Callsign using a software defined radio in existing goTenna mesh networks. | 3.1 |
| 2024-09-17 | CVE-2024-8956 | Improper Authentication vulnerability in Ptzoptics Pt30X-Ndi-Xx-G2 Firmware and Pt30X-Sdi Firmware PTZOptics PT30X-SDI/NDI-xx before firmware 6.3.40 is vulnerable to an insufficient authentication issue. | 9.1 |
| 2024-09-13 | CVE-2024-45113 | Improper Authentication vulnerability in Adobe Coldfusion 2021/2023 ColdFusion versions 2023.6, 2021.12 and earlier are affected by an Improper Authentication vulnerability that could result in privilege escalation. | 7.5 |
| 2024-09-11 | CVE-2024-8642 | Improper Authentication vulnerability in Eclipse Dataspace Components In Eclipse Dataspace Components, from version 0.5.0 and before version 0.9.0, the ConsumerPullTransferTokenValidationApiController does not check for token validity (expiry, not-before, issuance date), which can allow an attacker to bypass the check for token expiration. | 8.1 |
| 2024-09-06 | CVE-2023-45038 | Improper Authentication vulnerability in Qnap Music Station An improper authentication vulnerability has been reported to affect Music Station. | 8.8 |
| 2024-09-05 | CVE-2024-5956 | Improper Authentication vulnerability in Trellix Intrusion Prevention System Manager 11.1.7.97 This vulnerability allows unauthenticated remote attackers to bypass authentication and gain partial data access to the vulnerable Trellix IPS Manager with garbage data in response mostly | 5.3 |
| 2024-09-05 | CVE-2024-5957 | Improper Authentication vulnerability in Trellix Intrusion Prevention System Manager 10.1 This vulnerability allows unauthenticated remote attackers to bypass authentication and gain APIs access of the Manager. | 7.5 |
| 2024-09-04 | CVE-2024-7012 | Improper Authentication vulnerability in Redhat Satellite 6.13/6.14/6.15 An authentication bypass vulnerability has been identified in Foreman when deployed with External Authentication, due to the puppet-foreman configuration. | 9.8 |
| 2024-09-04 | CVE-2024-7923 | Improper Authentication vulnerability in Redhat Satellite 6.13/6.14/6.15 An authentication bypass vulnerability has been identified in Pulpcore when deployed with Gunicorn versions prior to 22.0, due to the puppet-pulpcore configuration. | 9.8 |
| 2024-09-04 | CVE-2024-7870 | Improper Authentication vulnerability in Pixelyoursite The PixelYourSite – Your smart PIXEL (TAG) & API Manager and the PixelYourSite PRO plugins for WordPress are vulnerable to Sensitive Information Exposure in all versions up to, and including, 9.7.1 and 10.4.2, respectively, through publicly exposed log files. | 7.5 |