Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-30 | CVE-2023-27536 | Improper Authentication vulnerability in multiple products An authentication bypass vulnerability exists libcurl <8.0.0 in the connection reuse feature which can reuse previously established connections with incorrect user permissions due to a failure to check for changes in the CURLOPT_GSSAPI_DELEGATION option. | 5.9 |
| 2023-03-30 | CVE-2023-27538 | Improper Authentication vulnerability in multiple products An authentication bypass vulnerability exists in libcurl prior to v8.0.0 where it reuses a previously established SSH connection despite the fact that an SSH option was modified, which should have prevented reuse. | 5.5 |
| 2023-03-29 | CVE-2023-28503 | Improper Authentication vulnerability in Rocketsoftware Unidata and Universe Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from an authentication bypass vulnerability, where a special username with a deterministic password can be leveraged to bypass authentication checks and execute OS commands as the root user. | 9.8 |
| 2023-03-29 | CVE-2022-43620 | Improper Authentication vulnerability in Dlink Dir-1935 Firmware 1.03 This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-1935 1.03 routers. | 8.8 |
| 2023-03-28 | CVE-2023-28398 | Improper Authentication vulnerability in Propumpservice Osprey Pump Controller Firmware 1.01 Osprey Pump Controller version 1.01 could allow an unauthenticated user to create an account and bypass authentication, thereby gaining unauthorized access to the system. | 9.8 |
| 2023-03-27 | CVE-2022-4126 | Improper Authentication vulnerability in ABB Rccmd Use of Default Password vulnerability in ABB RCCMD on Windows, Linux, MacOS allows Try Common or Default Usernames and Passwords.This issue affects RCCMD: before 4.40 230207. | 9.8 |
| 2023-03-20 | CVE-2022-45124 | Improper Authentication vulnerability in Wellintech Kinghistorian 35.01.00.05 An information disclosure vulnerability exists in the User authentication functionality of WellinTech KingHistorian 35.01.00.05. | 7.5 |
| 2023-03-18 | CVE-2023-28609 | Improper Authentication vulnerability in Ansible-Semaphore Ansible Semaphore api/auth.go in Ansible Semaphore before 2.8.89 mishandles authentication. | 9.8 |
| 2023-03-17 | CVE-2023-1464 | Improper Authentication vulnerability in Medicine Tracker System Project Medicine Tracker System 1.0 A vulnerability, which was classified as critical, was found in SourceCodester Medicine Tracker System 1.0. | 9.8 |
| 2023-03-17 | CVE-2023-1460 | Improper Authentication vulnerability in Online Pizza Ordering System Project Online Pizza Ordering System 1.0 A vulnerability was found in SourceCodester Online Pizza Ordering System 1.0. | 9.8 |