Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-28 | CVE-2022-39251 | Improper Authentication vulnerability in Matrix Javascript SDK Matrix Javascript SDK is the Matrix Client-Server SDK for JavaScript. | 7.5 |
| 2022-09-28 | CVE-2022-22523 | Improper Authentication vulnerability in Gavazziautomation products An improper authentication vulnerability exists in the Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 Web-App which allows an authentication bypass to the context of an unauthorised user if free-access is disabled. | 7.5 |
| 2022-09-26 | CVE-2022-39219 | Improper Authentication vulnerability in Xbifrost Bifrost Bifrost is a middleware package which can synchronize MySQL/MariaDB binlog data to other types of databases. | 6.5 |
| 2022-09-23 | CVE-2022-30124 | Improper Authentication vulnerability in Rocket.Chat An improper authentication vulnerability exists in Rocket.Chat Mobile App <4.14.1.22788 that allowed an attacker with physical access to a mobile device to bypass local authentication (PIN code). | 6.8 |
| 2022-09-23 | CVE-2022-35248 | Improper Authentication vulnerability in Rocket.Chat A improper authentication vulnerability exists in Rocket.Chat <v5, <v4.8.2 and <v4.7.5 that allowed two factor authentication can be bypassed when telling the server to use CAS during login. | 8.8 |
| 2022-09-23 | CVE-2022-39231 | Improper Authentication vulnerability in Parseplatform Parse-Server Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. | 3.7 |
| 2022-09-20 | CVE-2021-33076 | Improper Authentication vulnerability in Intel products Improper authentication in firmware for some Intel(R) SSD DC Products may allow an unauthenticated user to potentially enable escalation of privilege via physical access. | 6.8 |
| 2022-09-19 | CVE-2022-28321 | Improper Authentication vulnerability in Linux-Pam The Linux-PAM package before 1.5.2-6.1 for openSUSE Tumbleweed allows authentication bypass for SSH logins. | 9.8 |
| 2022-09-19 | CVE-2022-40144 | Improper Authentication vulnerability in Trendmicro Apex ONE 2019 A vulnerability in Trend Micro Apex One and Trend Micro Apex One as a Service could allow an attacker to bypass the product's login authentication by falsifying request parameters on affected installations. | 9.8 |
| 2022-09-19 | CVE-2022-3218 | Improper Authentication vulnerability in Necta Wifi Mouse Server 1.7.8.5 Due to a reliance on client-side authentication, the WiFi Mouse (Mouse Server) from Necta LLC's authentication mechanism is trivially bypassed, which can result in remote code execution. | 9.8 |