Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-05 | CVE-2022-33720 | Improper Authentication vulnerability in Google Android 10.0/11.0 Improper authentication vulnerability in AppLock prior to SMR Aug-2022 Release 1 allows physical attacker to access Chrome locked by AppLock via new tap shortcut. | 2.4 |
| 2022-08-04 | CVE-2022-35142 | Improper Authentication vulnerability in Raneto Project Raneto An issue in Renato v0.17.0 allows attackers to cause a Denial of Service (DoS) via a crafted payload injected into the Search parameter. | 7.5 |
| 2022-08-03 | CVE-2022-27484 | Improper Authentication vulnerability in Fortinet Fortiadc A unverified password change in Fortinet FortiADC version 6.2.0 through 6.2.3, 6.1.x, 6.0.x, 5.x.x allows an authenticated attacker to bypass the Old Password check in the password change form via a crafted HTTP request. | 4.3 |
| 2022-07-26 | CVE-2022-30270 | Improper Authentication vulnerability in Motorola Ace1000 Firmware The Motorola ACE1000 RTU through 2022-05-02 has default credentials. | 9.8 |
| 2022-07-26 | CVE-2022-36412 | Improper Authentication vulnerability in Zohocorp Manageengine Supportcenter Plus 11.0 In Zoho ManageEngine SupportCenter Plus before 11023, V3 API requests are vulnerable to authentication bypass. | 9.8 |
| 2022-07-25 | CVE-2022-34575 | Improper Authentication vulnerability in Wavlink Wifi-Repeater Firmware Rpta277W.M4300.01.Gd.2017Sep19 An access control issue in Wavlink WiFi-Repeater RPTA2-77W.M4300.01.GD.2017Sep19 allows attackers to obtain the key information of the device via accessing fctest.shtml. | 5.7 |
| 2022-07-20 | CVE-2022-26136 | Improper Authentication vulnerability in Atlassian products A vulnerability in multiple Atlassian products allows a remote, unauthenticated attacker to bypass Servlet Filters used by first and third party apps. | 9.8 |
| 2022-07-19 | CVE-2022-34535 | Improper Authentication vulnerability in DW Megapix Firmware 4.2.0.32842 Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 allows unauthenticated attackers to view internal paths and scripts via web files. | 7.5 |
| 2022-07-18 | CVE-2022-30623 | Improper Authentication vulnerability in Chcnav P5E Gnss Firmware 4.1/4.2 The server checks the user's cookie in a non-standard way, and a value is entered in the cookie value name of the status and its value is set to true to bypass the identification with the system using a username and password. | 9.8 |
| 2022-07-18 | CVE-2022-30624 | Improper Authentication vulnerability in Chcnav P5E Gnss Firmware 4.1/4.2 Browsing the admin.html page allows the user to reset the admin password. | 7.5 |