Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-12 | CVE-2023-33274 | Improper Authentication vulnerability in Voltronicpower Snmp web PRO 1.1 The authentication mechanism in PowerShield SNMP Web Pro 1.1 contains a vulnerability that allows unauthenticated users to directly access Common Gateway Interface (CGI) scripts without proper identification or authorization. | 9.8 |
| 2023-07-11 | CVE-2023-3127 | Improper Authentication vulnerability in Johnsoncontrols products An unauthenticated user could log into iSTAR Ultra, iSTAR Ultra LT, iSTAR Ultra G2, and iSTAR Edge G2 with administrator rights. | 9.8 |
| 2023-07-06 | CVE-2023-30675 | Improper Authentication vulnerability in Samsung Pass 4.0.05.1 Improper authentication in Samsung Pass prior to version 4.2.03.1 allows local attacker to access stored account information when Samsung Wallet is not installed. | 5.5 |
| 2023-06-30 | CVE-2023-32620 | Improper Authentication vulnerability in Wavlink Wl-Wn531Ax2 Firmware Improper authentication vulnerability in WL-WN531AX2 firmware versions prior to 2023526 allows a network-adjacent attacker to obtain a password for the wireless network. | 6.5 |
| 2023-06-28 | CVE-2023-32222 | Improper Authentication vulnerability in Dlink Dsl-G256Dg Firmware Bz1.00.27 D-Link DSL-G256DG version vBZ_1.00.27 web management interface allows authentication bypass via an unspecified method. | 9.8 |
| 2023-06-26 | CVE-2023-32523 | Improper Authentication vulnerability in Trendmicro Mobile Security 9.8 Affected versions of Trend Micro Mobile Security (Enterprise) 9.8 SP5 contain some widgets that would allow a remote user to bypass authentication and potentially chain with other vulnerabilities. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit these vulnerabilities. This is similar to, but not identical to CVE-2023-32524. | 8.8 |
| 2023-06-26 | CVE-2023-32524 | Improper Authentication vulnerability in Trendmicro Mobile Security 9.8 Affected versions of Trend Micro Mobile Security (Enterprise) 9.8 SP5 contain some widgets that would allow a remote user to bypass authentication and potentially chain with other vulnerabilities. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit these vulnerabilities. This is similar to, but not identical to CVE-2023-32523. | 8.8 |
| 2023-06-22 | CVE-2023-3326 | Improper Authentication vulnerability in Freebsd pam_krb5 authenticates a user by essentially running kinit with the password, getting a ticket-granting ticket (tgt) from the Kerberos KDC (Key Distribution Center) over the network, as a way to verify the password. | 9.8 |
| 2023-06-19 | CVE-2022-48494 | Improper Authentication vulnerability in Huawei Emui Vulnerability of lax app identity verification in the pre-authorization function.Successful exploitation of this vulnerability will cause malicious apps to become pre-authorized. | 7.5 |
| 2023-06-19 | CVE-2022-48496 | Improper Authentication vulnerability in Huawei Emui Vulnerability of lax app identity verification in the pre-authorization function.Successful exploitation of this vulnerability will cause malicious apps to become pre-authorized. | 7.5 |