Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-16 | CVE-2023-21460 | Improper Authentication vulnerability in Samsung Android 11.0/12.0/13.0 Improper authentication in SecSettings prior to SMR Mar-2023 Release 1 allows attacker to reset the setting. | 4.4 |
| 2023-03-15 | CVE-2023-28461 | Improper Authentication vulnerability in Arraynetworks Arrayos AG 9.4.0.469/9.4.0.470/9.4.0.481 Array Networks Array AG Series and vxAG (9.4.0.481 and earlier) allow remote code execution. | 9.8 |
| 2023-03-15 | CVE-2022-46773 | Improper Authentication vulnerability in IBM products IBM Robotic Process Automation 21.0.0 - 21.0.7 and 23.0.0 is vulnerable to client-side validation bypass for credential pools. | 6.5 |
| 2023-03-14 | CVE-2023-1327 | Improper Authentication vulnerability in Netgear Rax30 Firmware 1.0.3.64/1.0.4.66/1.0.5.70 Netgear RAX30 (AX2400), prior to version 1.0.6.74, was affected by an authentication bypass vulnerability, allowing an unauthenticated attacker to gain administrative access to the device's web management interface by resetting the admin password. | 9.8 |
| 2023-03-14 | CVE-2023-25957 | Improper Authentication vulnerability in Mendix Saml A vulnerability has been identified in Mendix SAML (Mendix 7 compatible) (All versions >= V1.16.4 < V1.17.3), Mendix SAML (Mendix 8 compatible) (All versions >= V2.2.0 < V2.3.0), Mendix SAML (Mendix 9 latest compatible, New Track) (All versions >= V3.1.9 < V3.3.1), Mendix SAML (Mendix 9 latest compatible, Upgrade Track) (All versions >= V3.1.8 < V3.3.0), Mendix SAML (Mendix 9.6 compatible, New Track) (All versions >= V3.1.9 < V3.2.7), Mendix SAML (Mendix 9.6 compatible, Upgrade Track) (All versions >= V3.1.8 < V3.2.6). | 7.5 |
| 2023-03-14 | CVE-2023-23857 | Improper Authentication vulnerability in SAP Netweaver Application Server for Java 7.50 Due to missing authentication check, SAP NetWeaver AS for Java - version 7.50, allows an unauthenticated attacker to attach to an open interface and make use of an open naming and directory API to access services which can be used to perform unauthorized operations affecting users and services across systems. | 8.6 |
| 2023-03-13 | CVE-2023-27582 | Improper Authentication vulnerability in Maddy Project Maddy maddy is a composable, all-in-one mail server. | 9.8 |
| 2023-03-10 | CVE-2022-44574 | Improper Authentication vulnerability in Ivanti Avalanche An improper authentication vulnerability exists in Avalanche version 6.3.x and below allows unauthenticated attacker to modify properties on specific port. | 7.5 |
| 2023-03-10 | CVE-2022-33242 | Improper Authentication vulnerability in Qualcomm products Memory corruption due to improper authentication in Qualcomm IPC while loading unsigned lib in audio PD. | 7.8 |
| 2023-03-08 | CVE-2023-27482 | Improper Authentication vulnerability in Home-Assistant Supervisor homeassistant is an open source home automation tool. | 10.0 |