Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-11 | CVE-2021-30317 | Improper Authentication vulnerability in Qualcomm products Improper validation of program headers containing ELF metadata can lead to image verification bypass in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | 7.8 |
| 2022-02-09 | CVE-2021-45331 | Improper Authentication vulnerability in Gitea An Authentication Bypass vulnerability exists in Gitea before 1.5.0, which could let a malicious user gain privileges. | 9.8 |
| 2022-02-07 | CVE-2022-23320 | Improper Authentication vulnerability in Xerox Xmpie Ustore 12.3.7244.0 XMPie uStore 12.3.7244.0 allows for administrators to generate reports based on raw SQL queries. | 7.5 |
| 2022-02-06 | CVE-2022-22831 | Improper Authentication vulnerability in Servisnet Tessa 0.0.2 An issue was discovered in Servisnet Tessa 0.0.2. | 9.8 |
| 2022-02-06 | CVE-2022-24551 | Improper Authentication vulnerability in Starwindsoftware NAS and SAN A flaw was found in StarWind Stack. | 8.8 |
| 2022-02-04 | CVE-2021-21965 | Improper Authentication vulnerability in Sealevel Seaconnect 370W Firmware 1.3.34 A denial of service vulnerability exists in the SeaMax remote configuration functionality of Sealevel Systems, Inc. | 9.3 |
| 2022-02-04 | CVE-2021-28503 | Improper Authentication vulnerability in Arista EOS The impact of this vulnerability is that Arista's EOS eAPI may skip re-evaluating user credentials when certificate based authentication is used, which allows remote attackers to access the device via eAPI. | 9.8 |
| 2022-02-04 | CVE-2022-23600 | Improper Authentication vulnerability in Fleetdm Fleet fleet is an open source device management, built on osquery. | 6.5 |
| 2022-02-04 | CVE-2022-24259 | Improper Authentication vulnerability in Voipmonitor An incorrect check in the component cdr.php of Voipmonitor GUI before v24.96 allows unauthenticated attackers to escalate privileges via a crafted request. | 9.8 |
| 2022-01-28 | CVE-2021-40404 | Improper Authentication vulnerability in Reolink Rlc-410W Firmware 3.0.0.13620121102 An authentication bypass vulnerability exists in the cgiserver.cgi Login functionality of reolink RLC-410W v3.0.0.136_20121102. | 6.5 |