Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-17 | CVE-2022-30550 | Improper Authentication vulnerability in multiple products An issue was discovered in the auth component in Dovecot 2.2 and 2.3 before 2.3.20. | 8.8 |
| 2022-07-17 | CVE-2022-2133 | Improper Authentication vulnerability in Miniorange Oauth Single Sign on The OAuth Single Sign On WordPress plugin before 6.22.6 doesn't validate that OAuth access token requests are legitimate, which allows attackers to log onto the site with the only knowledge of a user's email address. | 5.3 |
| 2022-07-16 | CVE-2017-20133 | Improper Authentication vulnerability in Itechscripts JOB Portal Script 9.13 A vulnerability, which was classified as critical, was found in Itech Job Portal Script 9.13. | 9.8 |
| 2022-07-12 | CVE-2022-30755 | Improper Authentication vulnerability in Google Android 10.0/11.0/12.0 Improper authentication vulnerability in AppLock prior to SMR Jul-2022 Release 1 allows attacker to bypass password confirm activity by hijacking the implicit intent. | 7.8 |
| 2022-07-12 | CVE-2022-33736 | Improper Authentication vulnerability in Siemens Opcenter Quality A vulnerability has been identified in Opcenter Quality V13.1 (All versions < V13.1.20220624), Opcenter Quality V13.2 (All versions < V13.2.20220624). | 7.5 |
| 2022-07-11 | CVE-2022-2302 | Improper Authentication vulnerability in Lenze C520 Firmware, C550 Firmware and C750 Firmware Multiple Lenze products of the cabinet series skip the password verification upon second login. | 9.8 |
| 2022-07-07 | CVE-2015-5298 | Improper Authentication vulnerability in Jenkins Google Login 1.0/1.1 The Google Login Plugin (versions 1.0 and 1.1) allows malicious anonymous users to authenticate successfully against Jenkins instances that are supposed to be locked down to a particular Google Apps domain through client-side request modification. | 6.5 |
| 2022-07-06 | CVE-2022-31125 | Improper Authentication vulnerability in Roxy-Wi Roxy-wi is an open source web interface for managing Haproxy, Nginx, Apache and Keepalived servers. | 9.8 |
| 2022-07-05 | CVE-2021-43116 | Improper Authentication vulnerability in Alibaba Nacos An Access Control vulnerability exists in Nacos 2.0.3 in the access prompt page; enter username and password, click on login to capture packets and then change the returned package, which lets a malicious user login. | 8.8 |
| 2022-07-04 | CVE-2022-28713 | Improper Authentication vulnerability in Cybozu Garoon Improper authentication vulnerability in Scheduler of Cybozu Garoon 4.10.0 to 5.5.1 allows a remote attacker to obtain some data of Facility Information without logging in to the product. | 5.3 |