Vulnerabilities > Improper Authentication
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-03-30 | CVE-2021-45900 | Improper Authentication vulnerability in Vivoh Webinar Manager: Vivoh Webinar Manager before 3.6.3.0 has improper API authentication. | 6.5 |
2022-03-30 | CVE-2019-9564 | Improper Authentication vulnerability in Wyze products: A vulnerability in the authentication logic of Wyze Cam Pan v2, Cam v2, Cam v3 allows an attacker to bypass login and control the devices. | 9.8 |
2022-03-30 | CVE-2022-23795 | Improper Authentication vulnerability in Joomla Joomla!: An issue was discovered in Joomla! 2.5.0 through 3.10.6 & 4.0.0 through 4.1.0. | 9.8 |
2022-03-29 | CVE-2022-22935 | Improper Authentication vulnerability in Saltstack Salt: An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. | 3.7 |
2022-03-29 | CVE-2022-1084 | Improper Authentication vulnerability in ONE Church Management System Project ONE Church Management System 1.0: A vulnerability classified as critical was found in SourceCodester One Church Management System 1.0. | 9.8 |
2022-03-28 | CVE-2022-0342 | Improper Authentication vulnerability in Zyxel products: An authentication bypass vulnerability in the CGI program of Zyxel USG/ZyWALL series firmware versions 4.20 through 4.70, USG FLEX series firmware versions 4.50 through 5.20, ATP series firmware versions 4.32 through 5.20, VPN series firmware versions 4.30 through 5.20, and NSG series firmware versions V1.20 through V1.33 Patch 4, which could allow an attacker to bypass the web authentication and obtain administrative access of the device. | 9.8 |
2022-03-28 | CVE-2021-26598 | Improper Authentication vulnerability in Impresscms: ImpressCMS before 1.4.3 has Incorrect Access Control because include/findusers.php allows access by unauthenticated attackers (who are, by design, able to have a security token). | 5.3 |
2022-03-25 | CVE-2021-26620 | Improper Authentication vulnerability in Iptime products: An improper authentication vulnerability leading to information leakage was discovered in iptime NAS2dual. | 7.5 |
2022-03-24 | CVE-2021-31326 | Improper Authentication vulnerability in Dlink Dir-816 Firmware 1.10Cnb05: D-Link DIR-816 A2 1.10 B05 allows unauthenticated attackers to arbitrarily reset the device via a crafted tokenid parameter to /goform/form2Reboot.cgi. | 9.8 |
2022-03-23 | CVE-2021-4197 | Improper Authentication vulnerability in multiple products: An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users have access to some less privileged processes that are controlled by cgroups and have a higher privileged parent process. | 7.8 |