Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-27 | CVE-2021-32951 | Improper Authentication vulnerability in Advantech Webaccess/Nms 2.0.3/3.0.2 WebAccess/NMS (Versions prior to v3.0.3_Build6299) has an improper authentication vulnerability, which may allow unauthorized users to view resources monitored and controlled by the WebAccess/NMS, as well as IP addresses and names of all the devices managed via WebAccess/NMS. | 5.3 |
| 2021-10-22 | CVE-2020-23058 | Improper Authentication vulnerability in File Explorer Project File Explorer 1.4 An issue in the authentication mechanism in Nong Ge File Explorer v1.4 unauthenticated allows to access sensitive data. | 4.6 |
| 2021-10-18 | CVE-2010-2496 | Improper Authentication vulnerability in Clusterlabs Cluster Glue and Pacemaker stonith-ng in pacemaker and cluster-glue passed passwords as commandline parameters, making it possible for local attackers to gain access to passwords of the HA stack and potentially influence its operations. | 5.5 |
| 2021-10-11 | CVE-2021-37123 | Improper Authentication vulnerability in Huawei Hero-Ct060 Firmware There is an improper authentication vulnerability in Hero-CT060 before 1.0.0.200. | 9.8 |
| 2021-10-06 | CVE-2021-25484 | Improper Authentication vulnerability in Google Android 10.0/11.0/8.1 Improper authentication in InputManagerService prior to SMR Oct-2021 Release 1 allows monitoring the touch event. | 3.3 |
| 2021-10-06 | CVE-2021-0595 | Improper Authentication vulnerability in Google Android In lockAllProfileTasks of RootWindowContainer.java, there is a possible way to access the work profile without the profile PIN, after logging in. | 7.8 |
| 2021-10-05 | CVE-2021-41286 | Improper Authentication vulnerability in Omikron Multicash 4.00.008 Omikron MultiCash Desktop 4.00.008.SP5 relies on a client-side authentication mechanism. | 7.8 |
| 2021-10-05 | CVE-2021-39872 | Improper Authentication vulnerability in Gitlab In all versions of GitLab CE/EE since version 14.1, an improper access control vulnerability allows users with expired password to still access GitLab through git and API through access tokens acquired before password expiration. | 6.5 |
| 2021-10-04 | CVE-2021-23857 | Improper Authentication vulnerability in Bosch products Login with hash: The login routine allows the client to log in to the system not by using the password, but by using the hash of the password. | 9.8 |
| 2021-10-04 | CVE-2021-35296 | Improper Authentication vulnerability in Ptcl Hg150-Ub Firmware 3.0 An issue in the administrator authentication panel of PTCL HG150-Ub v3.0 allows attackers to bypass authentication via modification of the cookie value and Response Path. | 9.8 |