Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-20 | CVE-2024-42336 | Improper Authentication vulnerability in Servision IVG Webmax 1.0.57 Servision - CWE-287: Improper Authentication | 9.8 |
| 2024-08-16 | CVE-2024-42462 | Improper Authentication vulnerability in Upkeeper Manager Improper Authentication vulnerability in upKeeper Solutions product upKeeper Manager allows Authentication Bypass.This issue affects upKeeper Manager: through 5.1.9. | 9.8 |
| 2024-08-15 | CVE-2024-31800 | Improper Authentication vulnerability in Gncchome Gncc C2 Firmware Authentication Bypass in GNCC's GC2 Indoor Security Camera 1080P allows an attacker with physical access to gain a privileged command shell via the UART Debugging Port. | 6.8 |
| 2024-08-14 | CVE-2024-25157 | Improper Authentication vulnerability in Fortra Goanywhere Managed File Transfer An authentication bypass vulnerability in GoAnywhere MFT prior to 7.6.0 allows Admin Users with access to the Agent Console to circumvent some permission checks when attempting to visit other pages. | 6.5 |
| 2024-08-14 | CVE-2024-37028 | Improper Authentication vulnerability in F5 Big-Ip Next Central Manager BIG-IP Next Central Manager may allow an attacker to lock out an account that has never been logged in. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | 5.3 |
| 2024-08-13 | CVE-2024-7593 | Improper Authentication vulnerability in Ivanti Virtual Traffic Management Incorrect implementation of an authentication algorithm in Ivanti vTM other than versions 22.2R1 or 22.7R2 allows a remote unauthenticated attacker to bypass authentication of the admin panel. | 9.8 |
| 2024-08-13 | CVE-2024-7746 | Improper Authentication vulnerability in Traccar Use of Default Credentials vulnerability in Tananaev Solutions Traccar Server on Administrator Panel modules allows Authentication Abuse.This issue affects the privileged transactions implemented by the Traccar solution that should otherwise be protected by the authentication mechanism. These transactions could have an impact on any sensitive aspect of the platform, including Confidentiality, Integrity and Availability. | 9.8 |
| 2024-08-08 | CVE-2024-4784 | Improper Authentication vulnerability in Gitlab An issue was discovered in GitLab EE starting from version 16.7 before 17.0.6, version 17.1 before 17.1.4 and 17.2 before 17.2.2 that allowed bypassing the password re-entry requirement to approve a policy. | 5.4 |
| 2024-08-07 | CVE-2024-34788 | Improper Authentication vulnerability in Ivanti Endpoint Manager Mobile An improper authentication vulnerability in web component of EPMM prior to 12.1.0.1 allows a remote malicious user to access potentially sensitive information | 6.5 |
| 2024-08-07 | CVE-2024-36130 | Improper Authentication vulnerability in Ivanti Endpoint Manager Mobile An insufficient authorization vulnerability in web component of EPMM prior to 12.1.0.1 allows an unauthorized attacker within the network to execute arbitrary commands on the underlying operating system of the appliance. | 9.8 |