Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-27 | CVE-2022-38744 | Improper Authentication vulnerability in Rockwellautomation Factorytalk Alarms and Events An unauthenticated attacker with network access to a victim's Rockwell Automation FactoryTalk Alarm and Events service could open a connection, causing the service to fault and become unavailable. | 7.5 |
| 2022-10-26 | CVE-2022-40703 | Improper Authentication vulnerability in Alivecor Kardia 5.17.1754993421 CWE-302 Authentication Bypass by Assumed-Immutable Data in AliveCor Kardia App version 5.17.1-754993421 and prior on Android allows an unauthenticated attacker with physical access to the Android device containing the app to bypass application authentication and alter information in the app. | 6.1 |
| 2022-10-26 | CVE-2022-39355 | Improper Authentication vulnerability in Discourse Patreon Discourse Patreon enables syncronization between Discourse Groups and Patreon rewards. | 9.8 |
| 2022-10-26 | CVE-2022-39360 | Improper Authentication vulnerability in Metabase Metabase is data visualization software. | 6.5 |
| 2022-10-21 | CVE-2022-26870 | Improper Authentication vulnerability in Dell Powerstoreos 2.1.0.0/2.1.0.1 Dell PowerStore versions 2.1.0.x contain an Authentication bypass vulnerability. | 9.8 |
| 2022-10-21 | CVE-2022-43400 | Improper Authentication vulnerability in Siemens Siveillance Video Mobile Server A vulnerability has been identified in Siveillance Video Mobile Server V2022 R2 (All versions < V22.2a (80)). | 9.8 |
| 2022-10-20 | CVE-2022-42233 | Improper Authentication vulnerability in Tenda 11N Firmware 5.07.33Cn Tenda 11N with firmware version V5.07.33_cn suffers from an Authentication Bypass vulnerability. | 9.8 |
| 2022-10-20 | CVE-2022-37298 | Improper Authentication vulnerability in Shinken-Monitoring Shinken Monitoring 2.4.3 Shinken Solutions Shinken Monitoring Version 2.4.3 affected is vulnerable to Incorrect Access Control. | 9.8 |
| 2022-10-19 | CVE-2022-39267 | Improper Authentication vulnerability in Xbifrost Bifrost Bifrost is a heterogeneous middleware that synchronizes MySQL, MariaDB to Redis, MongoDB, ClickHouse, MySQL and other services for production environments. | 8.8 |
| 2022-10-18 | CVE-2022-40684 | Improper Authentication vulnerability in Fortinet Fortios, Fortiproxy and Fortiswitchmanager An authentication bypass using an alternate path or channel [CWE-288] in Fortinet FortiOS version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.6, FortiProxy version 7.2.0 and version 7.0.0 through 7.0.6 and FortiSwitchManager version 7.2.0 and 7.0.0 allows an unauthenticated atttacker to perform operations on the administrative interface via specially crafted HTTP or HTTPS requests. | 9.8 |