Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-30 | CVE-2024-23647 | Improper Authentication vulnerability in Goauthentik Authentik Authentik is an open-source Identity Provider. | 8.8 |
| 2024-01-30 | CVE-2023-51982 | Improper Authentication vulnerability in Cratedb 5.5.1 CrateDB 5.5.1 is contains an authentication bypass vulnerability in the Admin UI component. | 9.8 |
| 2024-01-29 | CVE-2024-1006 | Improper Authentication vulnerability in Shanxi Tianneng Technology Noderp A vulnerability was found in Shanxi Diankeyun Technology NODERP up to 6.0.2 and classified as critical. | 5.3 |
| 2024-01-29 | CVE-2024-23792 | Improper Authentication vulnerability in Otrs When adding attachments to ticket comments, another user can add attachments as well impersonating the orginal user. | 6.5 |
| 2024-01-29 | CVE-2024-0988 | Improper Authentication vulnerability in Kuerp Project Kuerp 1.0.4 A vulnerability classified as critical was found in Sichuan Yougou Technology KuERP up to 1.0.4. | 9.8 |
| 2024-01-26 | CVE-2024-23629 | Improper Authentication vulnerability in Motorola Mr2600 Firmware An authentication bypass vulnerability exists in the web component of the Motorola MR2600. | 7.5 |
| 2024-01-25 | CVE-2024-0822 | Improper Authentication vulnerability in Ovirt Ovirt-Engine An authentication bypass vulnerability was found in overt-engine. | 7.5 |
| 2024-01-25 | CVE-2024-0879 | Improper Authentication vulnerability in Mintplexlabs Vector Admin Authentication bypass in vector-admin allows a user to register to a vector-admin server while “domain restriction” is active, even when not owning an authorized email address. | 4.3 |
| 2024-01-23 | CVE-2023-50275 | Improper Authentication vulnerability in HP Oneview HPE OneView may allow clusterService Authentication Bypass resulting in denial of service. | 7.5 |
| 2024-01-23 | CVE-2024-23219 | Improper Authentication vulnerability in Apple Ipados The issue was addressed with improved authentication. | 6.2 |