Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-14 | CVE-2022-41436 | Improper Authentication vulnerability in Oxhoo Tp50 Firmware Oxh1.50 An issue in OXHOO TP50 OXH1.50 allows unauthenticated attackers to access the administrative panel via browsing to the URL http://device_ip/index1.html. | 9.1 |
| 2022-10-14 | CVE-2022-42463 | Improper Authentication vulnerability in Openharmony 3.1/3.1.1/3.1.2 OpenHarmony-v3.1.2 and prior versions have an authenication bypass vulnerability in a callback handler function of Softbus_server in communication subsystem. | 8.8 |
| 2022-10-13 | CVE-2022-35135 | Improper Authentication vulnerability in Boodskap IOT Platform 4.4.902 Boodskap IoT Platform v4.4.9-02 allows attackers to escalate privileges via a crafted request sent to /api/user/upsert/<uuid>. | 8.8 |
| 2022-10-12 | CVE-2021-36369 | Improper Authentication vulnerability in multiple products An issue was discovered in Dropbear through 2020.81. | 7.5 |
| 2022-10-07 | CVE-2022-21936 | Improper Authentication vulnerability in Johnsoncontrols Metasys Extended Application and Data Server 12.0 On Metasys ADX Server version 12.0 running MVE, an Active Directory user could execute validated actions without providing a valid password when using MVE SMP UI. | 6.5 |
| 2022-10-06 | CVE-2022-40494 | Improper Authentication vulnerability in NPS Project NPS NPS before v0.26.10 was discovered to contain an authentication bypass vulnerability via constantly generating and sending the Auth key and Timestamp parameters. | 9.8 |
| 2022-09-30 | CVE-2022-20662 | Improper Authentication vulnerability in Cisco DUO 1.1.0/1.1.1/2.0 A vulnerability in the smart card login authentication of Cisco Duo for macOS could allow an unauthenticated attacker with physical access to bypass authentication. | 6.8 |
| 2022-09-29 | CVE-2022-39250 | Improper Authentication vulnerability in Matrix Javascript SDK Matrix JavaScript SDK is the Matrix Client-Server software development kit (SDK) for JavaScript. | 7.5 |
| 2022-09-29 | CVE-2021-40693 | Improper Authentication vulnerability in Moodle An authentication bypass risk was identified in the external database authentication functionality, due to a type juggling vulnerability. | 6.5 |
| 2022-09-28 | CVE-2022-39255 | Improper Authentication vulnerability in Matrix Software Development KIT Matrix iOS SDK allows developers to build iOS apps compatible with Matrix. | 7.5 |