Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-03-12 | CVE-2023-46717 | Improper Authentication vulnerability in Fortinet Fortios An improper authentication vulnerability [CWE-287] in FortiOS versions 7.4.1 and below, versions 7.2.6 and below, and versions 7.0.12 and below when configured with FortiAuthenticator in HA may allow a readonly user to gain read-write access via successive login attempts. | 8.8 |
| 2024-03-08 | CVE-2024-21899 | Improper Authentication vulnerability in Qnap QTS and Quts Hero An improper authentication vulnerability has been reported to affect several QNAP operating system versions. | 9.8 |
| 2024-02-22 | CVE-2023-52160 | Improper Authentication vulnerability in multiple products The implementation of PEAP in wpa_supplicant through 2.10 allows authentication bypass. | 6.5 |
| 2024-02-22 | CVE-2023-52161 | Improper Authentication vulnerability in Intel Inet Wireless Daemon The Access Point functionality in eapol_auth_key_handle in eapol.c in iNet wireless daemon (IWD) before 2.14 allows attackers to gain unauthorized access to a protected Wi-Fi network. | 7.5 |
| 2024-02-15 | CVE-2024-20738 | Improper Authentication vulnerability in Adobe Framemaker Publishing Server 2020/2022 Adobe FrameMaker Publishing Server versions 2022.1 and earlier are affected by an Improper Authentication vulnerability that could result in a Security feature bypass. | 9.8 |
| 2024-02-13 | CVE-2024-23813 | Improper Authentication vulnerability in Siemens Polarion ALM 21.0/2304.0 A vulnerability has been identified in Polarion ALM (All versions < V2404.0). | 9.8 |
| 2024-02-09 | CVE-2024-25313 | Improper Authentication vulnerability in Code-Projects Simple School Management System 1.0 Code-projects Simple School Managment System 1.0 allows Authentication Bypass via the username and password parameters at School/teacher_login.php. | 8.8 |
| 2024-02-09 | CVE-2023-51761 | Improper Authentication vulnerability in Emerson products In Emerson Rosemount GC370XA, GC700XA, and GC1500XA products, an unauthenticated user with network access could bypass authentication and acquire admin capabilities. | 8.1 |
| 2024-02-08 | CVE-2024-24496 | Improper Authentication vulnerability in Remyandrade Daily Habit Tracker 1.0 An issue in Daily Habit Tracker v.1.0 allows a remote attacker to manipulate trackers via the home.php, add-tracker.php, delete-tracker.php, update-tracker.php components. | 9.8 |
| 2024-02-08 | CVE-2024-22394 | Improper Authentication vulnerability in Sonicwall Sonicos 7.1.17040 An improper authentication vulnerability has been identified in SonicWall SonicOS SSL-VPN feature, which in specific conditions could allow a remote attacker to bypass authentication. This issue affects only firmware version SonicOS 7.1.1-7040. | 9.8 |