Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-04 | CVE-2023-21487 | Improper Authentication vulnerability in Samsung Android 11.0/12.0/13.0 Improper access control vulnerability in Telephony framework prior to SMR May-2023 Release 1 allows local attackers to change a call setting. | 3.3 |
| 2023-05-04 | CVE-2023-30328 | Improper Authentication vulnerability in Mailbutler Shimo 5.0.4 An issue in the helper tool of Mailbutler GmbH Shimo VPN Client for macOS v5.0.4 allows attackers to bypass authentication via PID re-use. | 9.8 |
| 2023-05-03 | CVE-2022-45860 | Improper Authentication vulnerability in Fortinet Fortinac and Fortinac-F A weak authentication vulnerability [CWE-1390] in FortiNAC-F version 7.2.0, FortiNAC version 9.4.2 and below, 9.2 all versions, 9.1 all versions, 8.8 all versions, 8.7 all versions in device registration page may allow an unauthenticated attacker to perform password spraying attacks with an increased chance of success. | 7.5 |
| 2023-05-03 | CVE-2022-30995 | Improper Authentication vulnerability in Acronis Cyber Backup and Cyber Protect Sensitive information disclosure due to improper authentication. | 7.5 |
| 2023-05-01 | CVE-2022-35898 | Improper Authentication vulnerability in Opentext Bizmanager OpenText BizManager before 16.6.0.1 does not perform proper validation during the change-password operation. | 9.8 |
| 2023-05-01 | CVE-2023-30061 | Improper Authentication vulnerability in Dlink Dir-879 Firmware 1.10 D-Link DIR-879 v105A1 is vulnerable to Authentication Bypass via phpcgi. | 7.5 |
| 2023-05-01 | CVE-2023-30063 | Improper Authentication vulnerability in Dlink Dir-890L Firmware 1.05 D-Link DIR-890L FW1.10 A1 is vulnerable to Authentication bypass. | 7.5 |
| 2023-04-28 | CVE-2023-1477 | Improper Authentication vulnerability in Hypr Keycloak Authenticator 8.0.0 Improper Authentication vulnerability in HYPR Keycloak Authenticator Extension allows Authentication Abuse.This issue affects HYPR Keycloak Authenticator Extension: before 7.10.2, before 8.0.3. | 8.8 |
| 2023-04-28 | CVE-2023-28473 | Improper Authentication vulnerability in Concretecms Concrete CMS Concrete CMS (previously concrete5) versions 8.5.12 and below, and 9.0 through 9.1.3 is vulnerable to possible Auth bypass in the jobs section. | 3.3 |
| 2023-04-27 | CVE-2023-2297 | Improper Authentication vulnerability in Cozmoslabs Profile Builder The Profile Builder – User Profile & User Registration Forms plugin for WordPress is vulnerable to unauthorized password resets in versions up to, and including 3.9.0. | 8.1 |