Vulnerabilities > Improper Authentication
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-07-08 | CVE-2024-39723 | Improper Authentication vulnerability in IBM Storage Virtualize 8.6 IBM FlashSystem 5300 USB ports may be usable even if the port has been disabled by the administrator. | 4.6 |
2024-07-02 | CVE-2024-20889 | Improper Authentication vulnerability in Samsung Android 12.0/13.0/14.0 Improper authentication in BLE prior to SMR Jul-2024 Release 1 allows adjacent attackers to pair with devices. | 4.3 |
2024-07-02 | CVE-2024-20890 | Improper Authentication vulnerability in Samsung Android 12.0/13.0/14.0 Improper input validation in BLE prior to SMR Jul-2024 Release 1 allows adjacent attackers to trigger abnormal behavior. | 8.8 |
2024-07-02 | CVE-2024-20900 | Improper Authentication vulnerability in Samsung Android 12.0/13.0/14.0 Improper authentication in MTP application prior to SMR Jul-2024 Release 1 allows local attackers to enter MTP mode without proper authentication. | 3.3 |
2024-07-02 | CVE-2024-34596 | Improper Authentication vulnerability in Samsung Smartthings Improper authentication in SmartThings prior to version 1.8.17 allows remote attackers to bypass the expiration date for members set by the owner. | 7.5 |
2024-07-01 | CVE-2024-28200 | Improper Authentication vulnerability in N-Able N-Central 2023.4/2023.6/2023.7 The N-central server is vulnerable to an authentication bypass of the user interface. | 9.8 |
2024-06-26 | CVE-2024-27867 | Improper Authentication vulnerability in Apple products An authentication issue was addressed with improved state management. | 4.3 |
2024-06-25 | CVE-2024-5012 | Improper Authentication vulnerability in Progress Whatsup Gold In WhatsUp Gold versions released before 2023.1.3, there is a missing authentication vulnerability in WUGDataAccess.Credentials. | 8.6 |
2024-06-25 | CVE-2024-37085 | Improper Authentication vulnerability in VMWare Cloud Foundation and Esxi VMware ESXi contains an authentication bypass vulnerability. A malicious actor with sufficient Active Directory (AD) permissions can gain full access to an ESXi host that was previously configured to use AD for user management https://blogs.vmware.com/vsphere/2012/09/joining-vsphere-hosts-to-active-directory.html by re-creating the configured AD group ('ESXi Admins' by default) after it was deleted from AD. | 7.2 |
2024-06-25 | CVE-2024-5805 | Improper Authentication vulnerability in Progress Moveit Gateway 2024.0 Improper Authentication vulnerability in Progress MOVEit Gateway (SFTP modules) allows Authentication Bypass.This issue affects MOVEit Gateway: 2024.0.0. | 9.1 |