Vulnerabilities > Improper Authentication

DATE CVE VULNERABILITY TITLE RISK
2022-07-16 CVE-2017-20133 Improper Authentication vulnerability in Itechscripts JOB Portal Script 9.13
A vulnerability, which was classified as critical, was found in Itech Job Portal Script 9.13.
network
low complexity
itechscripts CWE-287
critical
9.8
2022-07-12 CVE-2022-30755 Improper Authentication vulnerability in Google Android 10.0/11.0/12.0
Improper authentication vulnerability in AppLock prior to SMR Jul-2022 Release 1 allows an attacker to bypass the password confirm activity by hijacking the implicit intent.
local
low complexity
google CWE-287
7.8
2022-07-12 CVE-2022-33736 Improper Authentication vulnerability in Siemens Opcenter Quality
A vulnerability has been identified in Opcenter Quality V13.1 (All versions < V13.1.20220624), Opcenter Quality V13.2 (All versions < V13.2.20220624).
network
low complexity
siemens CWE-287
7.5
2022-07-11 CVE-2022-2302 Improper Authentication vulnerability in Lenze C520 Firmware, C550 Firmware and C750 Firmware
Multiple Lenze products of the cabinet series skip the password verification upon second login.
network
low complexity
lenze CWE-287
critical
9.8
2022-07-07 CVE-2015-5298 Improper Authentication vulnerability in Jenkins Google Login 1.0/1.1
The Google Login Plugin (versions 1.0 and 1.1) allows malicious anonymous users to authenticate successfully against Jenkins instances that are supposed to be locked down to a particular Google Apps domain through client-side request modification.
network
low complexity
jenkins CWE-287
6.5
2022-07-05 CVE-2021-43116 Improper Authentication vulnerability in Alibaba Nacos
An access control vulnerability exists in the access prompt page of Nacos 2.0.3: after a username and password are entered and login is clicked, the packets can be captured and the returned response changed, which lets a malicious user log in.
network
low complexity
alibaba CWE-287
8.8
2022-07-04 CVE-2022-28713 Improper Authentication vulnerability in Cybozu Garoon
Improper authentication vulnerability in Scheduler of Cybozu Garoon 4.10.0 to 5.5.1 allows a remote attacker to obtain some data of Facility Information without logging in to the product.
network
low complexity
cybozu CWE-287
5.3
2022-06-30 CVE-2021-41995 Improper Authentication vulnerability in Pingidentity Pingid Integration for mac Login
A misconfiguration of RSA in PingID Mac Login prior to 1.1 makes it vulnerable to pre-computed dictionary attacks, leading to an offline MFA bypass.
network
low complexity
pingidentity CWE-287
7.5
2022-06-30 CVE-2022-1955 Improper Authentication vulnerability in Opft Session 1.13.0
Session 1.13.0 allows an attacker with physical access to the victim's device to bypass the application's password/pin lock to access user data.
low complexity
opft CWE-287
4.6
2022-06-30 CVE-2021-41506 Improper Authentication vulnerability in Xiongmaitech products
Xiongmai AHB7008T-MH-V2, AHB7804R-ELS, AHB7804R-MH-V2, AHB7808R-MS-V2, AHB7808R-MS, AHB7808T-MS-V2, AHB7804R-LMS, HI3518_50H10L_S39 V4.02.R11.7601.Nat.Onvif.20170420, V4.02.R11.Nat.Onvif.20160422, V4.02.R11.7601.Nat.Onvif.20170424, V4.02.R11.Nat.Onvif.20170327, V4.02.R11.Nat.Onvif.20161205, V4.02.R11.Nat.20170301, V4.02.R12.Nat.OnvifS.20170727 are affected by a backdoor in the macGuarder and dvrHelper binaries of DVR/NVR/IP camera firmware due to static root account credentials in the system.
network
low complexity
xiongmaitech CWE-287
critical
9.8