Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-11 | CVE-2021-46740 | Improper Authentication vulnerability in Huawei Emui and Harmonyos The device authentication service module has a defect vulnerability introduced in the design process.Successful exploitation of this vulnerability may affect data confidentiality. | 7.5 |
| 2022-04-11 | CVE-2022-1067 | Improper Authentication vulnerability in Lifepoint Patient Portal Navigating to a specific URL with a patient ID number will result in the server generating a PDF of a lab report without authentication and rate limiting. | 6.5 |
| 2022-04-11 | CVE-2022-25832 | Improper Authentication vulnerability in Google Android 11.0/12.0 Improper authentication vulnerability in S Secure prior to SMR Apr-2022 Release 1 allows physical attackers to use locked Myfiles app without authentication. | 6.8 |
| 2022-04-11 | CVE-2022-25833 | Improper Authentication vulnerability in Google Android 10.0/11.0 Improper authentication in ImsService prior to SMR Apr-2022 Release 1 allows attackers to get IMSI without READ_PRIVILEGED_PHONE_STATE permission. | 3.3 |
| 2022-04-11 | CVE-2022-26091 | Improper Authentication vulnerability in Google Android 10.0/11.0/12.0 Improper access control vulnerability in Knox Manage prior to SMR Apr-2022 Release 1 allows that physical attackers can bypass Knox Manage using a function key of hardware keyboard. | 6.8 |
| 2022-04-11 | CVE-2022-27839 | Improper Authentication vulnerability in Samsung Internet Improper authentication vulnerability in SecretMode in Samsung Internet prior to version 16.2.1 allows attackers to access bookmark tab without proper credentials. | 4.0 |
| 2022-04-04 | CVE-2021-32980 | Improper Authentication vulnerability in Automationdirect products Automation Direct CLICK PLC CPU Modules: C0-1x CPUs with firmware prior to v3.00 does not protect against additional software programming connections. | 9.8 |
| 2022-04-04 | CVE-2021-32984 | Improper Authentication vulnerability in Automationdirect products All programming connections receive the same unlocked privileges, which can result in a privilege escalation. | 9.8 |
| 2022-04-04 | CVE-2022-24813 | Improper Authentication vulnerability in Miraheze Createwiki CreateWiki is Miraheze's MediaWiki extension for requesting & creating wikis. | 5.3 |
| 2022-04-03 | CVE-2022-28376 | Improper Authentication vulnerability in Verizon Lvskihp Firmware 20220215 Verizon 5G Home LVSKIHP outside devices through 2022-02-15 allow anyone (knowing the device's serial number) to access a CPE admin website, e.g., at the 10.0.0.1 IP address. | 8.1 |