Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-20 | CVE-2023-22964 | Improper Authentication vulnerability in Zohocorp Manageengine Servicedesk Plus MSP 10.6/13.0 Zoho ManageEngine ServiceDesk Plus MSP before 10611, and 13x before 13004, is vulnerable to authentication bypass when LDAP authentication is enabled. | 9.1 |
| 2023-01-20 | CVE-2023-22334 | Improper Authentication vulnerability in Contec Conprosys HMI System Use of password hash instead of password for authentication vulnerability in CONPROSYS HMI System (CHS) Ver.3.4.5 and earlier allows a remote authenticated attacker to obtain user credentials information via a man-in-the-middle attack. | 5.3 |
| 2023-01-18 | CVE-2021-4314 | Improper Authentication vulnerability in Linuxfoundation Zowe API Mediation Layer It is possible to manipulate the JWT token without the knowledge of the JWT secret and authenticate without valid JWT token as any user. | 5.3 |
| 2023-01-17 | CVE-2023-22303 | Improper Authentication vulnerability in Tp-Link Tl-Sg105Pe Firmware 1.0.0 TP-Link SG105PE firmware prior to 'TL-SG105PE(UN) 1.0_1.0.0 Build 20221208' contains an authentication bypass vulnerability. | 9.8 |
| 2023-01-13 | CVE-2023-0105 | Improper Authentication vulnerability in Redhat Keycloak A flaw was found in Keycloak. | 6.5 |
| 2023-01-11 | CVE-2022-4874 | Improper Authentication vulnerability in Netcommwireless Nf20 Firmware, Nf20Mesh Firmware and Nl1902 Firmware Authentication bypass in Netcomm router models NF20MESH, NF20, and NL1902 allows an unauthenticated user to access content. | 7.5 |
| 2023-01-10 | CVE-2022-35401 | Improper Authentication vulnerability in Asus Rt-Ax82U Firmware 3.0.0.4.38649674Ge182230 An authentication bypass vulnerability exists in the get_IFTTTTtoken.cgi functionality of Asus RT-AX82U 3.0.0.4.386_49674-ge182230. | 8.1 |
| 2023-01-07 | CVE-2022-1101 | Improper Authentication vulnerability in Event Management System Project Event Management System 1.0 A vulnerability was found in SourceCodester Royale Event Management System 1.0. | 9.8 |
| 2023-01-05 | CVE-2021-40342 | Improper Authentication vulnerability in Hitachienergy Foxman-Un and Unem In the DES implementation, the affected product versions use a default key for encryption. | 9.8 |
| 2022-12-31 | CVE-2022-48195 | Improper Authentication vulnerability in Mellium Sasl 0.3.0 An issue was discovered in Mellium mellium.im/sasl before 0.3.1. | 9.8 |