Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-07 | CVE-2020-36528 | Improper Authentication vulnerability in Platinumchina Platinum Mobile 1.0.4.850 A vulnerability, which was classified as critical, was found in Platinum Mobile 1.0.4.850. | 6.5 |
| 2022-06-07 | CVE-2020-36533 | Improper Authentication vulnerability in Klapp APP A vulnerability was found in Klapp App and classified as problematic. | 9.8 |
| 2022-06-02 | CVE-2022-31463 | Improper Authentication vulnerability in Owllabs Meeting OWL PRO Firmware 5.2.0.15 Owl Labs Meeting Owl 5.2.0.15 does not require a password for Bluetooth commands, because only client-side authentication is used. | 7.1 |
| 2022-06-02 | CVE-2022-26975 | Improper Authentication vulnerability in Barco Control Room Management Suite Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing log files without authentication. | 7.5 |
| 2022-06-02 | CVE-2022-30034 | Improper Authentication vulnerability in Flower Project Flower Flower, a web UI for the Celery Python RPC framework, all versions as of 05-02-2022 is vulnerable to an OAuth authentication bypass. | 8.6 |
| 2022-05-26 | CVE-2022-26724 | Improper Authentication vulnerability in Apple Tvos An authentication issue was addressed with improved state management. | 5.5 |
| 2022-05-26 | CVE-2022-24422 | Improper Authentication vulnerability in Dell Idrac9 Dell iDRAC9 versions 5.00.00.00 and later but prior to 5.10.10.00, contain an improper authentication vulnerability. | 9.8 |
| 2022-05-26 | CVE-2022-26865 | Improper Authentication vulnerability in Dell Supportassist OS Recovery 5.5.1 Dell Support Assist OS Recovery versions before 5.5.2 contain an Authentication Bypass vulnerability. | 6.8 |
| 2022-05-24 | CVE-2021-4230 | Improper Authentication vulnerability in Airfield Online Project Airfield Online A vulnerability has been found in Airfield Online and classified as problematic. | 7.5 |
| 2022-05-24 | CVE-2022-0910 | Improper Authentication vulnerability in Zyxel products A downgrade from two-factor authentication to one-factor authentication vulnerability in the CGI program of Zyxel USG/ZyWALL series firmware versions 4.32 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, ATP series firmware versions 4.32 through 5.21, and VPN series firmware versions 4.32 through 5.21, that could allow an authenticated attacker to bypass the second authentication phase to connect the IPsec VPN server even though the two-factor authentication (2FA) was enabled. | 6.5 |