Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-27 | CVE-2021-38299 | Improper Authentication vulnerability in Spomky-Labs Webauthn Framwork Webauthn Framework 3.3.x before 3.3.4 has Incorrect Access Control. | 9.8 |
| 2021-09-24 | CVE-2021-41503 | Improper Authentication vulnerability in multiple products DCS-5000L v1.05 and DCS-932L v2.17 and older are affecged by Incorrect Acess Control. | 8.0 |
| 2021-09-24 | CVE-2021-22869 | Improper Authentication vulnerability in Github Enterprise Server An improper access control vulnerability in GitHub Enterprise Server allowed a workflow job to execute in a self-hosted runner group it should not have had access to. | 9.8 |
| 2021-09-21 | CVE-2021-31917 | Improper Authentication vulnerability in multiple products A flaw was found in Red Hat DataGrid 8.x (8.0.0, 8.0.1, 8.1.0 and 8.1.1) and Infinispan (10.0.0 through 12.0.0). | 9.8 |
| 2021-09-17 | CVE-2021-41317 | Improper Authentication vulnerability in XSS Hunter Express Project XSS Hunter Express XSS Hunter Express before 2021-09-17 does not properly enforce authentication requirements for paths. | 9.8 |
| 2021-09-15 | CVE-2021-33044 | Improper Authentication vulnerability in Dahuasecurity products The identity authentication bypass vulnerability found in some Dahua products during the login process. | 9.8 |
| 2021-09-15 | CVE-2021-33045 | Improper Authentication vulnerability in Dahuasecurity products The identity authentication bypass vulnerability found in some Dahua products during the login process. | 9.8 |
| 2021-09-15 | CVE-2021-33700 | Improper Authentication vulnerability in SAP Business ONE 10.0 SAP Business One, version - 10.0, allows a local attacker with access to the victim's browser under certain circumstances, to login as the victim without knowing his/her password. | 7.8 |
| 2021-09-10 | CVE-2021-3145 | Improper Authentication vulnerability in Ionic Identity Vault In Ionic Identity Vault before 5, a local root attacker on an Android device can bypass biometric authentication. | 6.7 |
| 2021-09-10 | CVE-2021-37414 | Improper Authentication vulnerability in Zohocorp Manageengine Desktop Central Zoho ManageEngine DesktopCentral before 10.0.709 allows anyone to get a valid user's APIKEY without authentication. | 7.5 |