Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-25 | CVE-2023-35078 | Improper Authentication vulnerability in Ivanti Endpoint Manager Mobile An authentication bypass vulnerability in Ivanti EPMM allows unauthorized users to access restricted functionality or resources of the application without proper authentication. | 9.8 |
| 2023-07-21 | CVE-2023-37918 | Improper Authentication vulnerability in Linuxfoundation Dapr Dapr is a portable, event-driven, runtime for building distributed applications across cloud and edge. | 7.5 |
| 2023-07-20 | CVE-2023-37471 | Improper Authentication vulnerability in Openidentityplatform Openam Open Access Management (OpenAM) is an access management solution that includes Authentication, SSO, Authorization, Federation, Entitlements and Web Services Security. | 9.8 |
| 2023-07-19 | CVE-2023-37362 | Improper Authentication vulnerability in Weintek Weincloud 0.13.6 Weintek Weincloud v0.13.6 could allow an attacker to abuse the registration functionality to login with testing credentials to the official website. | 8.8 |
| 2023-07-19 | CVE-2023-3638 | Improper Authentication vulnerability in Geovision Gv-Adr2701 Firmware 1.0020171215 In GeoVision GV-ADR2701 cameras, an attacker could edit the login response to access the web application. | 9.8 |
| 2023-07-19 | CVE-2023-27877 | Improper Authentication vulnerability in IBM Cloud PAK for Data 4.0 IBM Planning Analytics Cartridge for Cloud Pak for Data 4.0 connects to a CouchDB server. | 7.5 |
| 2023-07-18 | CVE-2022-34155 | Improper Authentication vulnerability in Miniorange Oauth Single Sign on Improper Authentication vulnerability in miniOrange OAuth Single Sign On – SSO (OAuth Client) plugin allows Authentication Bypass.This issue affects OAuth Single Sign On – SSO (OAuth Client): from n/a through 6.23.3. | 8.8 |
| 2023-07-17 | CVE-2023-37266 | Improper Authentication vulnerability in Icewhale Casaos CasaOS is an open-source Personal Cloud system. | 9.8 |
| 2023-07-17 | CVE-2023-3591 | Improper Authentication vulnerability in Mattermost Server Mattermost fails to invalidate previously generated password reset tokens when a new reset token was created. | 8.2 |
| 2023-07-17 | CVE-2023-35901 | Improper Authentication vulnerability in IBM products IBM Robotic Process Automation 21.0.0 through 21.0.7.6 and 23.0.0 through 23.0.6 is vulnerable to client side validation bypass which could allow invalid changes or values in some fields. | 5.3 |