Vulnerabilities > Improper Authentication

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
|---|---|---|---|---|
| 2022-05-31 | CVE-2022-31011 | Improper Authentication vulnerability in Pingcap Tidb 5.3.0 | TiDB is an open-source NewSQL database that supports Hybrid Transactional and Analytical Processing (HTAP) workloads. | local, low complexity, pingcap, CWE-287, 7.8 |
| 2022-05-26 | CVE-2022-26724 | Improper Authentication vulnerability in Apple Tvos | An authentication issue was addressed with improved state management. | local, low complexity, apple, CWE-287, 5.5 |
| 2022-05-26 | CVE-2022-24422 | Improper Authentication vulnerability in Dell Idrac9 | Dell iDRAC9 versions 5.00.00.00 and later but prior to 5.10.10.00, contain an improper authentication vulnerability. | network, low complexity, dell, CWE-287, critical, 9.8 |
| 2022-05-26 | CVE-2022-26865 | Improper Authentication vulnerability in Dell Supportassist OS Recovery 5.5.1 | Dell Support Assist OS Recovery versions before 5.5.2 contain an Authentication Bypass vulnerability. | low complexity, dell, CWE-287, 6.8 |
| 2022-05-24 | CVE-2021-4230 | Improper Authentication vulnerability in Airfield Online Project Airfield Online | A vulnerability has been found in Airfield Online and classified as problematic. | network, low complexity, airfield-online-project, CWE-287, 7.5 |
| 2022-05-24 | CVE-2022-29237 | Improper Authentication vulnerability in Apereo Opencast | Opencast is a free and open source solution for automated video capture and distribution at scale. | network, low complexity, apereo, CWE-287, 5.4 |
| 2022-05-24 | CVE-2022-0910 | Improper Authentication vulnerability in Zyxel products | A downgrade from two-factor authentication to one-factor authentication vulnerability in the CGI program of Zyxel USG/ZyWALL series firmware versions 4.32 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, ATP series firmware versions 4.32 through 5.21, and VPN series firmware versions 4.32 through 5.21, that could allow an authenticated attacker to bypass the second authentication phase to connect the IPsec VPN server even though the two-factor authentication (2FA) was enabled. | network, low complexity, zyxel, CWE-287, 6.5 |
| 2022-05-20 | CVE-2021-30028 | Improper Authentication vulnerability in Sooteway Wi-Fi Range Extender Project Sooteway Wi-Fi Range Extender 1.5 | SOOTEWAY Wi-Fi Range Extender v1.5 was discovered to use default credentials (the admin password for the admin account) to access the TELNET service, allowing attackers to erase/read/write the firmware remotely. | 7.2 |
| 2022-05-20 | CVE-2022-28106 | Improper Authentication vulnerability in Online Sports Complex Booking System Project Online Sports Complex Booking System 1.0 | Online Sports Complex Booking System v1.0 was discovered to allow attackers to take over user accounts via a crafted POST request. | network, low complexity, online-sports-complex-booking-system-project, CWE-287, critical, 9.8 |
| 2022-05-18 | CVE-2021-42849 | Improper Authentication vulnerability in Lenovo products | A weak default password for the serial port was reported in some Lenovo Personal Cloud Storage devices that could allow unauthorized device access to an attacker with physical access. | low complexity, lenovo, CWE-287, 6.8 |