Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-16 | CVE-2022-39009 | Improper Authentication vulnerability in Huawei Emui and Harmonyos The WLAN module has a vulnerability in permission verification. | 9.8 |
| 2022-09-16 | CVE-2021-42949 | Improper Authentication vulnerability in Digitaldruid Hoteldruid 3.0.3 The component controlla_login function in HotelDruid Hotel Management Software v3.0.3 generates a predictable session token, allowing attackers to bypass authentication via bruteforce attacks. | 9.8 |
| 2022-09-16 | CVE-2022-25652 | Improper Authentication vulnerability in Qualcomm products Cryptographic issues in BSP due to improper hash verification in Snapdragon Wired Infrastructure and Networking | 7.8 |
| 2022-09-14 | CVE-2022-36436 | Improper Authentication vulnerability in Osuosl Twisted VNC Authentication Proxy OSU Open Source Lab VNCAuthProxy through 1.1.1 is affected by an vncap/vnc/protocol.py VNCServerAuthenticator authentication-bypass vulnerability that could allow a malicious actor to gain unauthorized access to a VNC session or to disconnect a legitimate user from a VNC session. | 9.8 |
| 2022-09-13 | CVE-2022-40622 | Improper Authentication vulnerability in Wavlink Wn531G3 Firmware M31G3.V5030.200325 The WAVLINK Quantum D4G (WN531G3) running firmware version M31G3.V5030.200325 uses IP addresses to hold sessions and does not not use session tokens. | 8.8 |
| 2022-09-09 | CVE-2022-38064 | Improper Authentication vulnerability in Openharmony 3.1/3.1.1/3.1.2 OpenHarmony-v3.1.2 and prior versions have a permission bypass vulnerability. | 5.5 |
| 2022-09-09 | CVE-2022-38081 | Improper Authentication vulnerability in Openharmony 3.1/3.1.1/3.1.2 OpenHarmony-v3.1.2 and prior versions have a permission bypass vulnerability. | 5.5 |
| 2022-09-09 | CVE-2022-38700 | Improper Authentication vulnerability in Openharmony 3.1.1 OpenHarmony-v3.1.1 and prior versions have a permission bypass vulnerability. | 8.8 |
| 2022-09-08 | CVE-2022-36093 | Improper Authentication vulnerability in Xwiki XWiki Platform Web Templates are templates for XWiki Platform, a generic wiki platform. | 7.1 |
| 2022-09-08 | CVE-2022-20923 | Improper Authentication vulnerability in Cisco products A vulnerability in the IPSec VPN Server authentication functionality of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an unauthenticated, remote attacker to bypass authentication controls and access the IPSec VPN network. | 9.8 |