Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-17 | CVE-2022-3173 | Improper Authentication vulnerability in Snipeitapp Snipe-It Improper Authentication in GitHub repository snipe/snipe-it prior to 6.0.10. | 4.3 |
| 2022-09-16 | CVE-2022-39009 | Improper Authentication vulnerability in Huawei Emui and Harmonyos The WLAN module has a vulnerability in permission verification. | 9.8 |
| 2022-09-16 | CVE-2021-42949 | Improper Authentication vulnerability in Digitaldruid Hoteldruid 3.0.3 The component controlla_login function in HotelDruid Hotel Management Software v3.0.3 generates a predictable session token, allowing attackers to bypass authentication via bruteforce attacks. | 9.8 |
| 2022-09-16 | CVE-2022-25652 | Improper Authentication vulnerability in Qualcomm products Cryptographic issues in BSP due to improper hash verification in Snapdragon Wired Infrastructure and Networking | 7.8 |
| 2022-09-14 | CVE-2022-36436 | Improper Authentication vulnerability in Osuosl Twisted VNC Authentication Proxy OSU Open Source Lab VNCAuthProxy through 1.1.1 is affected by an vncap/vnc/protocol.py VNCServerAuthenticator authentication-bypass vulnerability that could allow a malicious actor to gain unauthorized access to a VNC session or to disconnect a legitimate user from a VNC session. | 9.8 |
| 2022-09-13 | CVE-2022-40622 | Improper Authentication vulnerability in Wavlink Wn531G3 Firmware M31G3.V5030.200325 The WAVLINK Quantum D4G (WN531G3) running firmware version M31G3.V5030.200325 uses IP addresses to hold sessions and does not not use session tokens. | 8.8 |
| 2022-09-13 | CVE-2022-39205 | Improper Authentication vulnerability in Onedev Project Onedev Onedev is an open source, self-hosted Git Server with CI/CD and Kanban. | 9.8 |
| 2022-09-13 | CVE-2022-36106 | Improper Authentication vulnerability in Typo3 TYPO3 is an open source PHP based web content management system released under the GNU GPL. | 5.4 |
| 2022-09-13 | CVE-2022-39801 | Improper Authentication vulnerability in SAP Access Control 12 SAP GRC Access control Emergency Access Management allows an authenticated attacker to access a Firefighter session even after it is closed in Firefighter Logon Pad. | 7.5 |
| 2022-09-09 | CVE-2022-38064 | Improper Authentication vulnerability in Openharmony 3.1/3.1.1/3.1.2 OpenHarmony-v3.1.2 and prior versions have a permission bypass vulnerability. | 5.5 |