Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-22 | CVE-2024-41829 | Improper Authentication vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2024.07 an OAuth code for JetBrains Space could be stolen via Space Application connection | 7.5 |
| 2024-07-17 | CVE-2024-23465 | Improper Authentication vulnerability in Solarwinds Access Rights Manager The SolarWinds Access Rights Manager was found to be susceptible to an authentication bypass vulnerability. | 9.8 |
| 2024-07-17 | CVE-2024-6535 | Improper Authentication vulnerability in Redhat Service Interconnect 1.0 A flaw was found in Skupper. | 5.3 |
| 2024-07-15 | CVE-2024-39767 | Improper Authentication vulnerability in Mattermost Mobile 1.26.0/1.29.0/1.30.0 Mattermost Mobile Apps versions <=2.16.0 fail to validate that the push notifications received for a server actually came from this serve that which allows a malicious server to send push notifications with another server’s diagnostic ID or server URL and have them show up in mobile apps as that server’s push notifications. | 6.5 |
| 2024-07-11 | CVE-2024-38433 | Improper Authentication vulnerability in Nuvoton products Nuvoton - CWE-305: Authentication Bypass by Primary Weakness An attacker with write access to the SPI-Flash on an NPCM7xx BMC subsystem that uses the Nuvoton BootBlock reference code can modify the u-boot image header on flash parsed by the BootBlock which could lead to arbitrary code execution. | 6.7 |
| 2024-07-08 | CVE-2024-39723 | Improper Authentication vulnerability in IBM Storage Virtualize 8.6 IBM FlashSystem 5300 USB ports may be usable even if the port has been disabled by the administrator. | 4.6 |
| 2024-07-02 | CVE-2024-20889 | Improper Authentication vulnerability in Samsung Android 12.0/13.0/14.0 Improper authentication in BLE prior to SMR Jul-2024 Release 1 allows adjacent attackers to pair with devices. | 4.3 |
| 2024-07-02 | CVE-2024-20890 | Improper Authentication vulnerability in Samsung Android 12.0/13.0/14.0 Improper input validation in BLE prior to SMR Jul-2024 Release 1 allows adjacent attackers to trigger abnormal behavior. | 8.8 |
| 2024-07-02 | CVE-2024-20900 | Improper Authentication vulnerability in Samsung Android 12.0/13.0/14.0 Improper authentication in MTP application prior to SMR Jul-2024 Release 1 allows local attackers to enter MTP mode without proper authentication. | 3.3 |
| 2024-07-02 | CVE-2024-34596 | Improper Authentication vulnerability in Samsung Smartthings Improper authentication in SmartThings prior to version 1.8.17 allows remote attackers to bypass the expiration date for members set by the owner. | 7.5 |