Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-20 | CVE-2022-1801 | Improper Authentication vulnerability in Very Simple Contact Form Project Very Simple Contact Form The Very Simple Contact Form WordPress plugin before 11.6 exposes the solution to the captcha in the rendered contact form, both as hidden input fields and as plain text in the page, making it very easy for bots to bypass the captcha check, rendering the page a likely target for spam bots. | 7.5 |
| 2022-06-17 | CVE-2018-25043 | Improper Authentication vulnerability in Bittorrent Utorrent A vulnerability classified as critical was found in uTorrent. | 8.8 |
| 2022-06-17 | CVE-2020-36548 | Improper Authentication vulnerability in GE Voluson S8 Firmware A vulnerability classified as problematic has been found in GE Voluson S8. | 7.8 |
| 2022-06-17 | CVE-2022-32276 | Improper Authentication vulnerability in Grafana 8.4.3 Grafana 8.4.3 allows unauthenticated access via (for example) a /dashboard/snapshot/*?orgId=0 URI. | 7.5 |
| 2022-06-16 | CVE-2018-18907 | Improper Authentication vulnerability in Dlink Dir-850L Firmare An issue was discovered on D-Link DIR-850L 1.21WW devices. | 7.5 |
| 2022-06-16 | CVE-2022-33750 | Improper Authentication vulnerability in Broadcom CA Automic Automation 12.2/12.3 CA Automic Automation 12.2 and 12.3 contain an authentication error vulnerability in the Automic agent that could allow a remote attacker to potentially execute arbitrary commands. | 9.8 |
| 2022-06-16 | CVE-2022-29865 | Improper Authentication vulnerability in Opcfoundation UA .Net Standard Stack OPC UA .NET Standard Stack allows a remote attacker to bypass the application authentication check via crafted fake credentials. | 7.5 |
| 2022-06-15 | CVE-2022-30150 | Improper Authentication vulnerability in Microsoft products Windows Defender Remote Credential Guard Elevation of Privilege Vulnerability | 7.5 |
| 2022-06-15 | CVE-2022-21935 | Improper Authentication vulnerability in Johnsoncontrols products A vulnerability in Metasys ADS/ADX/OAS 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS 11 versions prior to 11.0.2 allows unverified password change. | 7.5 |
| 2022-06-15 | CVE-2022-20798 | Improper Authentication vulnerability in Cisco products A vulnerability in the external authentication functionality of Cisco Secure Email and Web Manager, formerly known as Cisco Security Management Appliance (SMA), and Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass authentication and log in to the web management interface of an affected device. | 9.8 |