Vulnerabilities > Improper Authentication

DATE CVE VULNERABILITY TITLE RISK
2022-03-17 CVE-2022-26504 Improper Authentication vulnerability in Veeam Backup & Replication
Improper authentication in Veeam Backup & Replication 9.5U3, 9.5U4,10.x and 11.x component used for Microsoft System Center Virtual Machine Manager (SCVMM) allows attackers execute arbitrary code via Veeam.Backup.PSManager.exe
network
low complexity
veeam CWE-287
8.8
2022-03-16 CVE-2021-45786 Improper Authentication vulnerability in Maccms 10.0
In maccms v10, an attacker can log in through /index.php/user/login in the "col" and "openid" parameters to gain privileges.
network
low complexity
maccms CWE-287
critical
9.8
2022-03-14 CVE-2022-24740 Improper Authentication vulnerability in Plone Volto
Volto is a ReactJS-based frontend for the Plone Content Management System.
network
high complexity
plone CWE-287
7.5
2022-03-13 CVE-2021-36368 Improper Authentication vulnerability in multiple products
An issue was discovered in OpenSSH before 8.9.
network
high complexity
openbsd debian CWE-287
3.7
2022-03-11 CVE-2022-22729 Improper Authentication vulnerability in Yokogawa products
CAMS for HIS Server contained in the following Yokogawa Electric products improperly authenticate the receiving packets.
network
low complexity
yokogawa CWE-287
8.8
2022-03-10 CVE-2022-25816 Improper Authentication vulnerability in Google Android 10.0/11.0/12.0
Improper authentication in Samsung Lock and mask apps setting prior to SMR Mar-2022 Release 1 allows attacker to change enable/disable without authentication
low complexity
google CWE-287
4.6
2022-03-10 CVE-2022-25825 Improper Authentication vulnerability in Samasung Account
Improper access control vulnerability in Samsung Account prior to version 13.1.0.1 allows attackers to access to the authcode for sign-in.
local
low complexity
samasung CWE-287
5.5
2022-03-10 CVE-2022-24285 Improper Authentication vulnerability in Acer Care Center 4.00.3000/4.00.3038
Acer Care Center 4.00.30xx before 4.00.3042 contains a local privilege escalation vulnerability.
local
low complexity
acer CWE-287
7.8
2022-03-10 CVE-2022-24286 Improper Authentication vulnerability in Acer Quickaccess
Acer QuickAccess 2.01.300x before 2.01.3030 and 3.00.30xx before 3.00.3038 contains a local privilege escalation vulnerability.
local
low complexity
acer CWE-287
7.8
2022-03-10 CVE-2022-23383 Improper Authentication vulnerability in Yzmcms 6.3
YzmCMS v6.3 is affected by broken access control.
network
low complexity
yzmcms CWE-287
critical
9.1