Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-20 | CVE-2022-46313 | Improper Authentication vulnerability in Huawei Harmonyos The sensor privacy module has an authentication vulnerability. | 5.3 |
| 2022-12-20 | CVE-2022-46316 | Improper Authentication vulnerability in Huawei Harmonyos 2.0/2.0.0/2.0.1 A thread security vulnerability exists in the authentication process. | 9.8 |
| 2022-12-19 | CVE-2022-3875 | Improper Authentication vulnerability in Clickstudios Passwordstate A vulnerability classified as critical was found in Click Studios Passwordstate and Passwordstate Browser Extension Chrome. | 7.5 |
| 2022-12-19 | CVE-2022-42453 | Improper Authentication vulnerability in Hcltech Bigfix Platform There are insufficient warnings when a Fixlet is imported by a user. | 6.5 |
| 2022-12-16 | CVE-2022-47209 | Improper Authentication vulnerability in Netgear Rax30 Firmware A support user exists on the device and appears to be a backdoor for Technical Support staff. | 8.8 |
| 2022-12-16 | CVE-2021-35252 | Improper Authentication vulnerability in Solarwinds Serv-U Common encryption key appears to be used across all deployed instances of Serv-U FTP Server. | 7.5 |
| 2022-12-14 | CVE-2022-23501 | Improper Authentication vulnerability in Typo3 TYPO3 is an open source PHP based web content management system. | 6.5 |
| 2022-12-13 | CVE-2022-2757 | Improper Authentication vulnerability in Kingspan Tms300 CS Firmware Due to the lack of adequately implemented access-control rules, all versions Kingspan TMS300 CS are vulnerable to an attacker viewing and modifying the application settings without authenticating by accessing a specific uniform resource locator (URL) on the webserver. | 9.1 |
| 2022-12-09 | CVE-2022-29838 | Improper Authentication vulnerability in Westerndigital MY Cloud OS Improper Authentication vulnerability in the encrypted volumes and auto mount features of Western Digital My Cloud devices allows insecure direct access to the drive information in the case of a device reset. | 4.6 |
| 2022-12-09 | CVE-2022-2752 | Improper Authentication vulnerability in Secomea Gatemanager 9.6.621421014 A vulnerability in the web server of Secomea GateManager allows a local user to impersonate as the previous user under some failed login conditions. This issue affects: Secomea GateManager versions from 9.4 through 9.7. | 7.8 |