Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-18 | CVE-2021-40874 | Improper Authentication vulnerability in multiple products An issue was discovered in LemonLDAP::NG (aka lemonldap-ng) 2.0.13. | 9.8 |
| 2022-07-17 | CVE-2022-30550 | Improper Authentication vulnerability in multiple products An issue was discovered in the auth component in Dovecot 2.2 and 2.3 before 2.3.20. | 8.8 |
| 2022-07-16 | CVE-2017-20133 | Improper Authentication vulnerability in Itechscripts JOB Portal Script 9.13 A vulnerability, which was classified as critical, was found in Itech Job Portal Script 9.13. | 9.8 |
| 2022-07-12 | CVE-2022-30755 | Improper Authentication vulnerability in Google Android 10.0/11.0/12.0 Improper authentication vulnerability in AppLock prior to SMR Jul-2022 Release 1 allows attacker to bypass password confirm activity by hijacking the implicit intent. | 7.8 |
| 2022-07-12 | CVE-2022-33736 | Improper Authentication vulnerability in Siemens Opcenter Quality A vulnerability has been identified in Opcenter Quality V13.1 (All versions < V13.1.20220624), Opcenter Quality V13.2 (All versions < V13.2.20220624). | 7.5 |
| 2022-07-11 | CVE-2022-2302 | Improper Authentication vulnerability in Lenze C520 Firmware, C550 Firmware and C750 Firmware Multiple Lenze products of the cabinet series skip the password verification upon second login. | 9.8 |
| 2022-07-07 | CVE-2015-5298 | Improper Authentication vulnerability in Jenkins Google Login 1.0/1.1 The Google Login Plugin (versions 1.0 and 1.1) allows malicious anonymous users to authenticate successfully against Jenkins instances that are supposed to be locked down to a particular Google Apps domain through client-side request modification. | 6.5 |
| 2022-07-05 | CVE-2021-43116 | Improper Authentication vulnerability in Alibaba Nacos An Access Control vulnerability exists in Nacos 2.0.3 in the access prompt page; enter username and password, click on login to capture packets and then change the returned package, which lets a malicious user login. | 8.8 |
| 2022-07-04 | CVE-2022-28713 | Improper Authentication vulnerability in Cybozu Garoon Improper authentication vulnerability in Scheduler of Cybozu Garoon 4.10.0 to 5.5.1 allows a remote attacker to obtain some data of Facility Information without logging in to the product. | 5.3 |
| 2022-06-30 | CVE-2021-41995 | Improper Authentication vulnerability in Pingidentity Pingid Integration for mac Login A misconfiguration of RSA in PingID Mac Login prior to 1.1 is vulnerable to pre-computed dictionary attacks, leading to an offline MFA bypass. | 7.5 |